Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
- Subject: Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac OSX 10.5. 3 up and Fix
- From: "Shawn A. Geddis" <email@hidden>
- Date: Thu, 2 Oct 2008 10:59:29 -0400
Peter,
There is no Updated Leopard version...
If you have timeouts, this would mean that your concentrator performs
a hard disconnect on the client. The Apple Client would not provide
any magic here and transparently reconnect because you would be forced
to re-authenticate to the Concentrator/Authentication Service.
You cannot simply yank an iPhone service like this out of the
developers tools. Again, I request folks add their need for IPSec VPN
connectivity as an enhancement via bugreport.apple.com ....
-Shawn
On Oct 2, 2008, at 10:50 AM, Peter Link wrote:
Shawn,
I'm ready to test the updated Leopard version when it's ready since
that's my normal connection to work. We have timeouts on our VPN
connection so it will be interesting to see how this works and if
the Apple VPN client can reconnect without problems. Any way of
extracting the iPhone VPN client from the developer tools????
On Oct 2, 2008, at 7:45 AM, Dave Schroeder wrote:
Peter,
We worked with Apple to make the iPhone Cisco VPN support very
robust. It is able to support pretty much every Cisco IPsec
configuration we've thrown at it. We are really hoping this support
will get added to the Leopard VPN client...
- Dave
On Oct 2, 2008, at 9:40 AM, Peter Link wrote:
Hi Shawn,
You know my answer. You provided instructions on how to set
everything up but our VPN IT staff just doesn't have the time to
do it.
Andrew,
Is Cisco actually offering a (0800) version? I haven't seen
anything beyond (0100). It doesn't sound good that it still isn't
working even with the update.
Dave,
With the iPhone VPN client, do you have to change or configure
anything on the Cisco side, like allowing L2TO over IPSec?
On Oct 2, 2008, at 7:32 AM, Dave Schroeder wrote:
Shawn,
The built-in Mac OS X VPN client *does not* support all Cisco
enterprise VPN concentrators.
However, the iPhone VPN client does: <http:// www. apple.com/iphone/enterprise/integration.html
> ...if only the iPhone Cisco IPsec VPN support would get rolled
into Mac OS X's VPN client, we would be VERY happy.
Indeed, the iPhone VPN client works fine with our Cisco VPN
concentrator (both in production and a new system being tested),
while the Mac OS X VPN client does not.
- Dave
On Oct 2, 2008, at 9:23 AM, Shawn A. Geddis wrote:
Andy et. al.,
What are the issues preventing folks using the VPN services
built-in to Mac OS X ?
The one biggest obstacle for Federal folks using the Cisco
Client is that it does not make use of Mac OS X's Security
Framework and hence has no Smart Card support. This would seem
to be a big blocker for many, unless you all are still not using
your Smart Cards for these services.
Yes, here @ U.S. Senate is currently using VPN Client v4.9.01
(0800) for Mac.
R/ Andy
From: Peter Link
To: Kim, Andrew (SCC); email@hidden Talk
Sent: Thu Oct 02 10:13:07 2008
Subject: Re: [Fed-Talk] Cisco VPN Client 4.9.01 (0800) for Mac
OSX 10.5. 3 up and Fix
Are you actually running 4.9.01 (0800) or (0080)? The latest I
found was (0100). I've seen Automator applications that combine
this command line with the prompt for an admin logon and
password. It still would be nice if Cisco would fix the
problem, since this one is theirs.
- Shawn
_____________________________________________________
Shawn Geddis Security Consulting Engineer Apple
Enterprise
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
@doit.wisc.edu
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94550
email@hidden
- Shawn
________________________________________
Shawn Geddis T (703) 264-5103
Security Consulting Engineer C (703) 623-9329
Apple Enterprise Division email@hidden
11921 Freedom Drive, Suite 600, Reston VA 20190-5634
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden