"T. Sean Weintz"  wrote:   
   >INVALID@google.com wrote:   
   >>   
   >> XP built-in IPsec client can connect to standards-conforming IPsec VPN   
   >> server easily. For step-by-step configuration, see my company website   
   >> below. Some commercial VPN servers implements some proprietary stuff   
   >> only to tight their users up, which neither enhances security nor   
   >> performance.   
   >   
   >No. In fact if the remote end properly implements agressive mode as per   
   >the standard, the windoze XP ipsec client won't work with it.   
   >   
   >-Sean   
      
   Exactly. You are correct. But let's look at the bright side, rather than   
   the dark side. (Note that there are already tons of nodes bashing M$   
   stuff.) That's why main mode should be used always. Hence, people trying   
   to "configure" Win IPsec clients to do aggressive mode with   
   standards-conforming IPsec VPN servers would find themselves in a   
   difficult situation.   
      
   Use main mode/transport mode combination to configure Win IPsec client   
   to connect to standards-conforming IPsec servers. Win IPsec clients by   
   Microsoft/Cisco do conform to standards mostly because they can   
   interoperate with standards-conforming IPsec servers in main mode.   
   However, Win IPsec clients only do 3des in low-grade (export version)   
   encryption if case anyone cares the quality of encryption.   
      
   ------------------------------------------------   
   The leader in Green VPN solutions   
   http://strongsolutions.addr.com/   
   ------------------------------------------------   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)