[unisog] Opinion on L2TP/IPSEC?

Schley Andrew Kutz a.kutz at its.utexas.edu
Mon Sep 25 18:28:44 GMT 2006


What is wrong with MS IPSec?  They co-developed it with Cisco (it's even
Cisco branded on the gui parts).  It seems to work ok to me as I have
many Linux boxes (OpenSwan) involved in IPSec secured communications
with many Windows boxes (MS-IPSec) using Certificate authentication...

-- 
-a

ITS at The University of Texas at Austin

name:	Schley Andrew Kutz, MCSD, GCWN
mail:	a.kutz at its.utexas.edu
work:	512.475.9246

Please do not hesitate to call or e-mail me if you have any questions or
concerns!  

> -----Original Message-----
> From: unisog-bounces at lists.dshield.org 
> [mailto:unisog-bounces at lists.dshield.org] On Behalf Of Julian Y. Koh
> Sent: Monday, September 25, 2006 1:15 PM
> To: UNIversity Security Operations Group
> Subject: Re: [unisog] Opinion on L2TP/IPSEC?
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> At 13:37 -0400 09/25/2006, Gary Flynn wrote:
> >We're considering enabling L2TP on our VPN concentrator to enable 
> >Windows Mobile devices to connect without the need to 
> purchase an IPSEC 
> >client.
> 
> The Windows (including PocketPC Windows) L2TP client actually 
> rides on top of IPSec (don't confuse the real IPSec with MS' 
> co-opted IPSec term).  So the security level should be fine.
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.0.6 (Build 6060)
> Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
> 
> iQA/AwUBRRgcqA5UB5zJHgFjEQJ1JgCbBm/MSfiAtg/Bw4AUMQDi7i79CGQAni6Y
> lz3vXlOVWbvo9+7lz/iUlGJA
> =xlh/
> -----END PGP SIGNATURE-----
> 
> -- 
> Julian Y. Koh                         
> <mailto:kohster at northwestern.edu>
> Network Engineer                                   
> <phone:847-467-5780>
> Telecommunications and Network Services         Northwestern 
> University
> PGP Public 
> Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> http://lists.dshield.org/mailman/listinfo/unisog
> 



More information about the unisog mailing list