Re: [Fed-Talk] VPN in Snow Leopard
Re: [Fed-Talk] VPN in Snow Leopard
- Subject: Re: [Fed-Talk] VPN in Snow Leopard
- From: "Nichols, Jared" <email@hidden>
- Date: Thu, 27 Aug 2009 08:14:28 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] VPN in Snow Leopard
One thing I found (and submitted a bug report for) is that the built
in CiscoVPN client ignored the split tunneling setting as pushed down
by our VPN concentrators. So, if you're in an environment that
disables split tunneling when you're VPNed (i.e. ALL of your traffic
is forced through the VPN) you may want to make sure this works before
relying on the built-in client.
Last I checked (and I think it was with the GM release) this was not
fixed. I can try it tonight to be doubly sure. I have been using the
actual Cisco VPN client (4.9.01 100) with success.
j
---
Jared F. Nichols
Desktop Engineer, Infrastructure & Operations
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436
On Aug 26, 2009, at 2:56 PM, Joel Esler wrote:
The real question is, will I have to do funky things upon upgrade, or
will Snow Leopard get the Certificates out of the Cisco VPN directory
and use them?
J
On Wed, Aug 26, 2009 at 2:45 PM, Bill Vlahos<email@hidden> wrote:
Shawn,
So the Cisco VPN client is included (like on the iPhone). Fantastic.
Bill Vlahos
AeroVironment, Inc.
IT Manager
UAS
email@hidden
805-581-2187 (Office)
805-584-6910 (FAX)
NASDAQ: AVAV
www.avinc.com
CONFIDENTIALITY STATEMENT: This electronic message transmission
contains
information from AeroVironment, Inc. and is confidential and/or
proprietary.
The information is intended only for the use of the individual or
entity
named above. If you are not the intended recipient, be aware that
any
disclosure, copying, distribution or use of the contents of this
message is
prohibited. If you have received this electronic transmission in
error,
please send a reply notification and/or notify us by telephone
(626-357-9983) immediately and delete this message from your
computer.
On Aug 26, 2009, at 10:39 AM, Shawn A. Geddis wrote:
To clear up the confusion that has already started on this list
regarding
VPN enhancements in Snow Leopard.... and to try and keep it simple:
Mac OS X 10.5.x "Leopard" VPN Support:
L2TP / IPSec (Layer Two Tunneling Protocol *over* IPSec)
(IPSec config not modifiable by
Admin/User)
PPTP (Point-to-Point Tunneling Protocol)
Mac OS X 10.6.x "Snow Leopard" VPN Support:
L2TP / IPSec (Layer Two Tunneling Protocol *over* IPSec)
(IPSec config not modifiable by
Admin/User)
PPTP (Point-to-Point Tunneling Protocol)
Cisco IPSec (Native IPSec - Certified with Cisco's IPSec
implementation)
(*MAY* work with other vendor IPSec
implementations)
Authentication:
- Machine Authentication: Shared Secret -
OR-
Certificate
- Group Name
Snow Leopard available on Friday...
- Shawn
_____________________________________________________
Shawn Geddis - Security Consulting Engineer - Apple Enterprise
On 8/26/09 1:05:59 PM, "Smith, Michael ERDC-CRREL-NH"
<email@hidden>
But Snow Leopard will support the Cisco extensions to IPSec.
On 8/26/09 12:33 PM, "Miller, Timothy J." <email@hidden>
wrote:
On 8/26/09 12:25 PM, "Durham, James A JR CIV DISA JITC"
<email@hidden> wrote:
Looks like the next release of Mac OS X, SnowLeopard will support
IPsec...
Apple has always supported IPsec. Cisco VPNs aren't standard
IPsec.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden