Re: VPN into PIX w/o cisco vpn client

From: Richard E. Silverman (slade@shore.net)
Date: 12/28/02

• Next message: all mail refused: "Re: Options for password expiration and SSH?"
• Previous message: Richard E. Silverman: "Re: .ssh/rc not given proto / cookie"
• In reply to: Rodrick R. Brown: "VPN into PIX w/o cisco vpn client"
• Next in thread: Rodrick R. Brown: "Re: VPN into PIX w/o cisco vpn client"
• Reply: Rodrick R. Brown: "Re: VPN into PIX w/o cisco vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: slade@shore.net (Richard E. Silverman)
Date: 28 Dec 2002 15:57:16 -0500

>>>>> "RB" == Rodrick R Brown <rrbrown@dcas.nyc.gov> writes:

    RB> Hello I have recently been contracted to do some work for a client
    RB> and I need access the clients site via VPN using a proprietary VPN
    RB> client made by cisco the problem here is I only have unix machines
    RB> at home is it possible to configure my workstation talk to there
    RB> Cisco Pix 525 firewall via IPSEC/VPN w/o using this Cisco windows
    RB> only product ??

    RB> My local home firewall runs OpenBSD 3.2 and my workstation is a
    RB> FreeBSD 4.7 box

This is off topic -- the subject of this newsgroup is SSH.

Anyway -- it depends on what sort of VPN technique they're using. If it's
pure IPSec, then certainly you can make OpenBSD and the Cisco
interoperate; OpenBSD has IPSec in the kernel and IKE (isakmpd). If it's
PPTP, then that's not usually secured via IPSec but rather uses its own
(weak) security mechanisms. There are implementatinos of PPTP for Unix,
e.g. poptop.

If it's L2TP/IPSec, then you may be in trouble -- I don't know of a good
free implementation of L2TP yet; there is the l2tpd project, but the last
time I looked it was still pretty alpha and did not compile under
OpenBSD. That may have changed though.

-- 
  Richard Silverman
  slade@shore.net

• Next message: all mail refused: "Re: Options for password expiration and SSH?"
• Previous message: Richard E. Silverman: "Re: .ssh/rc not given proto / cookie"
• In reply to: Rodrick R. Brown: "VPN into PIX w/o cisco vpn client"
• Next in thread: Rodrick R. Brown: "Re: VPN into PIX w/o cisco vpn client"
• Reply: Rodrick R. Brown: "Re: VPN into PIX w/o cisco vpn client"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Site-to-Site VPN ... NetVanta router, cant split them up due to our need for the lines for ... I have static at the main office, not sure about the remote. ... VPN between ASA and NetVanta Situation: The client creates a site to site VPN between Cisco ASA5510 and NetVanta 2054, ... (microsoft.public.windows.server.networking) Re: home network problems ... Deterministic Network Enhancer is one item installed by Cisco 3000 VPN. ... firewall softwall can be found. ... (microsoft.public.windowsxp.network_web) Re: A RAS/VPN "Is it just me?" question ... You have a T1 at the office connected to a Cisco ... Then you say you have a Dlink at the office and a Dlink at ... If you are adventurous you could have me try to vpn from one of my ... >> router? ... (microsoft.public.windows.server.sbs) Re: home network problems ... Cisco VPN was the culprit. ... >firewall softwall can be found. ... >home network during a VPN session. ... (microsoft.public.windowsxp.network_web) Re: can you identify if this is a dns issue.. ... we're using Cisco VPN client and Cisco router ... > rules on router or allowing routing from VPN client but I guess not. ... ping it, then its telling me there's something blocking the connection, ... the Cisco router or Windows? ... (microsoft.public.win2000.dns)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint