Quoting Matthew Ostiguy (mostiguynetnumina.com):
> Did any of this have anything to do with his original question?
Um, yeah.
> Was he asking for a rant about windows security?
Was the next obvious question: why would someone want good,
but proprietary security programs that take over the stack?
Yeah.

> Was he asking for anyone's take on the state of IT departments circa 2002?
Hmmm, goal: Get his Open Systems box to speak to a 2002 IT deparment's
LAN via a VPN. In short: Yes; and it's excessively pertinent.

> Cisco's vpn client is a real IPsec client, with optional proprietary
> extensions for adding functionality. Most of the options (encapsulating
> everything thru udp on port 10000, or now tcp to work thru nat) are
> optional. I am not certain however if some of the esoteric authentication
> options are enabled via proprietary hooks though. There are multiple clients
> out there, as cisco is slowly merging them all together to have one unified
> client they have to support on against a varity of devices [vpn 3000
> concentrators (corporate), vpn 5000 concentrators (service
> provider/enterprise tier), pix firewalls, etc].
>
> If you could figure out what client you are running (do you have a cvpnd.exe
> in \program files\cisco vpn client, and if so, right click it, check the
> version tab, and product version line) , and what kind of device you are
> trying to connect to, I may be able to help you out. Cisco does now have
> linux, solaris and mac os X clients. I don't know if Cisco uses any non
> standard hooks for the RSA devices to work.

You assume he has windows. Rash assumption. I too was given an
install CD to "put on [my] windows box at home" I have a coffee
cup resting on that CD right now. There are many of us who, if we
even HAVE Intel, can't agree with that EULA that appears. (Moreso
for WinXP, it's just scarey).

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]