[ previous ] [ next ] [ threads ]
 
 From:  "Brian" <mono at ricerage dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSEC Clients that work with m0n0wall
 Date:  Mon, 22 Mar 2004 13:32:09 -0500 (EST)
Hm. I'm not convinced that's true.

http://www.cisco.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html

Having taken a look at the examples provided by Cisco at the above URL
(specifically the section concerning PIX<-->Netscreen firewalls), there
doesn't appear to be anything propriatary at all about this. Considering
there are examples listed for interoperability between the PIX and many
other vendors' implementations, I'd have to say your conclusion is false.
Bearing in mind this is a PSK auth situation, perhaps this is true with
certificate based authentication?

In any event, can someone with a PIX take a look at the URL above, and try
again per this example? I'd love to know for sure.

 Brian

> That is because for some reason Cisco uses a propriatary authentication
> system on the PIX that only works with other PIX boxes.  If you are
> stuck with cisco hardware, which isn't a bad thing, you need to use a
> Cisco 3000 VPN concentrator.
>
> Jean-Francois Theroux wrote:
>
>> Falcor wrote:
>>
>>> Hi all, please do not ignore this post.  I know I could search the
>>> archives but I am in the middle of writing the how-to IPSEC with
>>> m0n0wall document and just wanted to include all clients that work
>>> with IPSEC.  E.g. what client software have you found that will allow
>>> you to use the roaming IPSEC connections back to your m0n0wall.  If
>>> you don't mind, please include the URL where it can be downloaded
>>> form, and include weather or not it is free.
>>>
>>> I hope to have this done in the next few hours and it should be as
>>> good as the PPTP document, on that same note I have an update to the
>>> PPTP document that I need to get out.
>>>
>>> -F
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>> A m0n0wall to Cisco PIX how-to would be nice. I tried for a while, but
>> it was never able to negotiate the pre-shared key. Although the
>> settings the m0n0 box and the PIX were the same.
>>
>> -jf
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>