Leon is right in that the Cisco VPN Client 1.1a won't work with Win2k/XP, and the version 3 client won't work with a router based vpn, (need a PIX etc). To be able to use the v3 client with a router based vpn, we have to wait for the release of IOS 12.8, which is being delayed due to problems with the VoIP code.
I'm waiting, and last I heard, it was due at the end of march. (Mind you, I was told the end of December too!) Clinton McDonald CCNA Network Engineer Extreme Networks This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are intended. If you are not the intended recipient or the person responsible for delivering the email to the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited. If you have received this email in error, please immediately notify Extreme Networks by telephone +61 3 9785 7162. -----Original Message----- From: leon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 12 March 2002 11:01 AM To: 'Maxime Rapaille' Cc: [EMAIL PROTECTED] Subject: RE: VPN and Cisco +IIOP question -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Maxime, I have never gotten the cisco client to work as advertised. First off it does not run on xp or win 2k (unless you use 3.0 and to use 3.0 you need a vpn concencentrato) ((list please correct me if I am wrong)). If you use a vpn concentrator you should be fine however if you are doing what I was trying to do (vpn into my network at home using ipsec from a win xp machine) that will not work. First off all you have to use the M$ dial up network adapter for a vpn client and for some reason this and cisco can't work together (funny I thought ip-sec was an rfc standard). "Supposedly" Cisco is going to release a new ios in Feb. (oh wait it is march) that allows you to use the m$ dial up adapter to use IP-Sec. I am sorry but I do not know the answer to your second question but I would bet that most proxy based firewalls could use some kind of generic proxy if this is a well known protocol. HTH, Leon - -----Original Message----- From: Maxime Rapaille [mailto:[EMAIL PROTECTED]] Sent: Friday, March 08, 2002 3:03 AM To: 'Security-Basics (E-mail)' Subject: VPN and Cisco +IIOP question Dear listmembers, 2 questions on this great list : (And I already made search on google.. Hopefully on the right way.) first one, Do you have any experience with VPN client (Software) compatible with the Cisco IPsec VPN? I already found the Cisco client itself, but we would like to have a panel of product, in order to make a better choice. I found Also the PGP VPN client, but not 100% sure he is compatible. Is the Windows 2000 IPsec compatible ? Any experience, link, feed-back, products info is really appreciated. Second question is concerning the IIOP protocol. Does some of you know a firewall/proxy, capable of handling this protocol ? I know Firewall just know it, but does not proxy nor analyse it (like he does for HTTP, SMTP, FTP). I read about Gauntlet Firewall, but was no more able to find a paper or precise Doc about it. Any other idea? Proposal, Links...? Thanks a lot for all positive feed-back. Have a great week-end all. Regards, Max. Maxime Rapaille Data Security Management National Bank of Belgium Mail : [EMAIL PROTECTED] Visit our website! http://www.nbb.be "DISCLAIMER: The content of this e-mail message does not constitute a commitment of the National Bank of Belgium (NBB) except where provided for in a written agreement between you and the NBB or where confirmed with a written form approved according to the internal regulations of the NBB. Besides, the statements and opinions expressed in this e-mail message are those of the author of the message and do not necessarily represent those of the NBB. The e-mail message contains proprietary information intended for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author. If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on any part of this e-mail message." -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPI1FQNqAgf0xoaEuEQIOPQCfQk/dKJZDVvGmMq9q2V30PgvRobwAn1bL D9qUF/2NB/q34FDI7sRivWYX =ubJE -----END PGP SIGNATURE-----
