Date: Mon, 18 Jun 2001 12:23:18 -0400 (EDT) From: mi@aldan.algebra.com To: brian@Awfulhak.org Cc: brian@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/ppp ccp.c ccp.h command.c deflate.c fsm.c fsm.h ip.c mppe.c ppp.8 pred.c Message-ID: <200106181623.f5IGNJ097372@misha.privatelabs.com> In-Reply-To: <200106181535.f5IFZ6h05793@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18 Jun, Brian Somers wrote:
>> On 18 Jun, Brian Somers wrote:
>> > brian 2001/06/18 08:00:24 PDT
>> >
>> > Modified files:
>> > usr.sbin/ppp ccp.c ccp.h command.c deflate.c fsm.c
>> > fsm.h ip.c mppe.c ppp.8 pred.c
>> > Log:
>> > Add support for stateful MPPE (microsoft encryption) providing
>> > encryption compatibility with Windows 2000. Stateful encryption
>> > uses less CPU but is bad on lossy transports.
^^^^^^^^^^^^^^^^
>>
>> So, I suppose, I'll now be able to avoid using SSH and use PPP
>> with encryption over a device like host:port/tcp directly, without
>> the
>> set login "!ssh tunnel@host"
>>
>> Great! Thanks,
>
> Aye.
>
> IMHO PPPoUDP with encryption is the best option for VPNs where one
But, does not UDP qualify as one of those "lossy transports"?
> side has a dynamic IP. For static gateway IPs with private (rfc1918)
> addresses, IPSEC and gif are better. With real IPs, IPSEC on its own
> is best.
I looked for a tutorial on IPSEC/GIF somewhere, but could not find it :(
-mi
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106181623.f5IGNJ097372>