On Tue, Nov 07, 2006 at 07:26:19PM +0000, Paul Civati wrote:
> Correct, I wasn't talking about plain IPSec, I was talking about
> "the simple connection of Windows clients, using the built-in VPN
> connector" exactly as I wrote.
>
> Can we drop the condescending "everyone without an openbsd.org mail
> address is an idiot" attitude please.
>
can you drop the "poor misunderstood user on misc@" attitude please?
talking about "stupid wizards" shouldn't be condescending to you and
it's not an attitude by me.
> I didn't say there was no other possible way to use IPSec on Windows,
> and my post was quite clear about the method I was talking about.
>
> > starting with windows 2000, it is possible to use the built-in ipsec
> > support. it is a bit hidden and the configuration is painful, but it
> > actually works... you can configure it from the system management
> > console or by executing "system32\secpol.msc".
>
> Exactly, this is not simple, the "stupid wizard" you refer to is
> what average joe without in depth IP stack knowledge will want
> to use, and what some people who have to support client VPN
> connections may want to use, because it will greatly reduce
> their support headache - providing server side works smoothly
> of course.
>
"i was talking about [something else]". ok, ok, i got it. but if
you're administrating a network with windows clients you can even
provide tools and software to make their and your life easy. did you
look at the link to mark uemura's slides? he's running a very smart
setup which is secure, redundant (i think he even extended it with
sasyncd) and easy. the only thing his joe average users have to do is
to click a little icon and to type in a password...
my personal oppinion is that depending on a castrated functionality
provided by a such wizards can be stupid. and sometimes it is even
much more difficult to click through these stupid wizards than typing
in a command or editing a human-readble configuration file. it is even
a stupid wizard problem, that users get used to their stupid wizards
and stupidly become to think that stupid wizards are easier to use...
and that is wrong. i know joe average users who started using
computers by running openbsd and they get heavilly scared when they
get in touch with a windows box ("oh, it's so complicated...").
> -Paul-
>
cheers,
reyk
