Re: VPN into PIX w/o cisco vpn client

From: Rodrick R. Brown (rrbrown@dcas.nyc.gov)
Date: 12/29/02


From: "Rodrick R. Brown" <rrbrown@dcas.nyc.gov>
Date: Sat, 28 Dec 2002 23:26:20 GMT

Thanks for the response; you are correct, this was posted to the wrong group
:-)

but your answers did give me a good basis on what direction I should look to
hopefully get this straightened out.

- RB

"Richard E. Silverman" <slade@shore.net> wrote in message
news:m1lznqpc15f.fsf@syrinx.oankali.net...
> >>>>> "RB" == Rodrick R Brown <rrbrown@dcas.nyc.gov> writes:
>
> RB> Hello, I have recently been contracted to do some work for a client
> RB> and I need to access the client's site via VPN using a proprietary VPN
> RB> client made by Cisco. The problem here is I only have unix machines
> RB> at home. Is it possible to configure my workstation to talk to their
> RB> Cisco Pix 525 firewall via IPSEC/VPN w/o using this Cisco
> RB> Windows-only product?
>
> RB> My local home firewall runs OpenBSD 3.2 and my workstation is a
> RB> FreeBSD 4.7 box
>
> This is off topic -- the subject of this newsgroup is SSH.
>
> Anyway -- it depends on what sort of VPN technique they're using. If it's
> pure IPSec, then certainly you can make OpenBSD and the Cisco
> interoperate; OpenBSD has IPSec in the kernel and IKE (isakmpd). If it's
> PPTP, then that's not usually secured via IPSec but rather uses its own
> (weak) security mechanisms. There are implementations of PPTP for Unix,
> e.g. poptop.
>
> If it's L2TP/IPSec, then you may be in trouble -- I don't know of a good
> free implementation of L2TP yet; there is the l2tpd project, but the last
> time I looked it was still pretty alpha and did not compile under
> OpenBSD. That may have changed though.
>
> --
> Richard Silverman
> slade@shore.net