RE: [Fed-Talk] Cisco VPN through pcf
RE: [Fed-Talk] Cisco VPN through pcf
- Subject: RE: [Fed-Talk] Cisco VPN through pcf
- From: "Wade, Justin CTR OSD PA" <email@hidden>
- Date: Tue, 1 Sep 2009 12:04:15 -0400
- Thread-topic: [Fed-Talk] Cisco VPN through pcf
That's my current issue as well. While I know Snow Leopard can see the CAC
card (using either 3rd party software or X509 Anchors), how do you get Cisco
VPN to utilize the CAC card for authentication rather than a group name and
password?
Jp
-----Original Message-----
From: fed-talk-bounces+justin.wade.ctr=email@hidden
[mailto:fed-talk-bounces+justin.wade.ctr=email@hidden] On Behalf
Of Arendt, Christopher D Capt USAF AETC AFLMA/AFLMA/LGY
Sent: Tuesday, September 01, 2009 11:58 AM
To: email@hidden
Subject: RE: [Fed-Talk] Cisco VPN through pcf
Suppose the Cisco VPN requires CAC-resident certificates for client
authentication.
Is there any way to accomplish this CAC certificate client
authentication in Snow Leopard?
When I heard Snow Leopard was supporting Cisco IPsec VPN, I foolishly
assumed I could accomplish the CAC-based client authentication, but so
far, I have found no way to do this.
-----Original Message-----
From: fed-talk-bounces+christopher.arendt=email@hidden
[mailto:fed-talk-bounces+christopher.arendt=email@hidden.c
om] On Behalf Of Timothy J. Miller
Sent: Tuesday, September 01, 2009 10:43 AM
To: Joel Esler
Cc: email@hidden
Subject: Re: [Fed-Talk] Cisco VPN through pcf
On 9/1/2009 7:49 AM, Joel Esler wrote:
> I am not a Cisco VPN guy. I have the pcfs, if I could make the
> connection work within the native VPN, awesome.
The PCF is just a text file. Crack it open and it has everything you
need. Presuming you're using a group password, you'll need to reverse
that hash. Tool is here:
http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
-- Tim
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden