Re: Basic Practical IPSec Documentation?

[Mike Lococo <mike.lococo () NYU EDU>]

> Check out http://technet.microsoft.com/en-us/network/bb531150.aspx,
> especially the introductory overviews or is this the documentation
> you are lamenting ;-)

That is indeed the main source of my woes.

> The other take home is it's not too hard if you can push
> out IPSEC certs to everyone using MS CA.  Otherwise it's hard.

I'm actually very much pushing in the other direction.  We don't have a
large enterprise-wide IPSec deployment and don't expect to ever have
one.  However, we do recommend it as a spot fix when a couple of backend
systems employ some poorly designed protocol.  In this kind of situation
where no system is ever going to speak IPSec to more than 1 or 2 other
boxes PSK is more than adequate and it really *isn't* hard (although the
UI is quite obtuse).  Anyway, if I can't find something I'll likely
scribble it together myself and post a follow-up to the list if/when it
happens.

Thanks,
Mike Lococo