Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
- Subject: Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
- From: "Shawn A. Geddis" <email@hidden>
- Date: Thu, 2 Oct 2008 10:50:30 -0400
On Oct 2, 2008, at 10:32 AM, Dave Schroeder wrote:
Shawn,
The built-in Mac OS X VPN client *does not* support all Cisco
enterprise VPN concentrators.
However, the iPhone VPN client does: <http://www.apple.com/iphone/enterprise/integration.html
> ...if only the iPhone Cisco IPsec VPN support would get rolled
into Mac OS X's VPN client, we would be VERY happy.
Indeed, the iPhone VPN client works fine with our Cisco VPN
concentrator (both in production and a new system being tested),
while the Mac OS X VPN client does not.
- Dave
There is more compatibility with Cisco VPN concentrators than folks
realize. I need to be clear here, that from Mac OS X, right now, that
means using L2TP/IPSec & PPTP, but those both work with Cisco's 3K and
5K line. The Cisco 3K line had numerous bugs which Apple was able to
identify and work-a-round with Client code changes and concentrator
config changes, but these issues were never fixed by Cisco --
customers were told to upgrade -- replace with newer box.
If you and all the others are looking for Cisco IPSec implementation
as is currently available on the iPhone OS 2.x, than I can very much
understand the problem you face. I encourage folks to file this as an
enhancement request at your earliest opportunity (if you have not
already). Keep in mind that when I ask/remind folks to submit
enhancements/bugs via bugreport.apple.com, I am NOT saying that I am
not aware of it or we do not understand the problem. I am indicating
that you need to be sure and *register* your need for a feature you
see as missing or broken -- significant value comes with submissions
directly from customers!
The point I was trying to make here is that If you and others are just
trying to provide secure VPN access from Mac OS X to Cisco 3K & 5K VPN
concentrators then you can using the built-in services. It does work
and I personally configured an Enterprise Customer's Cisco 3060 VPN
Concentrator over two years ago and they are still using it for Smart
Card-based (EAP-TLS) L2TP/IPsec. If the issue is that folks are not
aware of the bugs in the 3K line, I can provide help to allow you to
make this work.
- Shawn
_____________________________________________________
Shawn Geddis Security Consulting Engineer Apple Enterprise
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden