From owner-freebsd-questions@FreeBSD.ORG Sun Apr 10 18:17:02 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E25916A4CE for ; Sun, 10 Apr 2005 18:17:02 +0000 (GMT) Received: from mta10-winn.mailhost.ntl.com (smtpout18.mailhost.ntl.com [212.250.162.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20D4B43D31 for ; Sun, 10 Apr 2005 18:17:01 +0000 (GMT) (envelope-from scott@fishballoon.org) Received: from aamta02-winn.mailhost.ntl.com ([212.250.162.8]) by mta10-winn.mailhost.ntl.com with ESMTP <20050410181700.THYC12495.mta10-winn.mailhost.ntl.com@aamta02-winn.mailhost.ntl.com>; Sun, 10 Apr 2005 19:17:00 +0100 Received: from llama.fishballoon.org ([81.104.196.104]) by aamta02-winn.mailhost.ntl.com with ESMTP <20050410181659.KJFC1289.aamta02-winn.mailhost.ntl.com@llama.fishballoon.org>; Sun, 10 Apr 2005 19:16:59 +0100 Received: from tuatara.fishballoon.org ([192.168.1.6]) by llama.fishballoon.org with esmtp (Exim 4.50 (FreeBSD)) id 1DKgzR-000393-Nw; Sun, 10 Apr 2005 19:16:57 +0100 Received: (from scott@localhost) by tuatara.fishballoon.org (8.13.1/8.13.1/Submit) id j3AIGvi2005988; Sun, 10 Apr 2005 19:16:57 +0100 (BST) (envelope-from scott) Date: Sun, 10 Apr 2005 19:16:57 +0100 From: Scott Mitchell To: Ash Message-ID: <20050410181657.GB893@tuatara.fishballoon.org> References: <20050410153834.GA893@tuatara.fishballoon.org> <425961D5.8090403@speakeasy.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <425961D5.8090403@speakeasy.net> User-Agent: Mutt/1.4.2.1i X-Operating-System: FreeBSD 4.11-STABLE i386 cc: FreeBSD Questions Subject: Re: Connect to Cisco VPN server from FreeBSD? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Apr 2005 18:17:02 -0000 On Sun, Apr 10, 2005 at 12:26:45PM -0500, Ash wrote: > Scott Mitchell wrote: > >Hi all, > > > >As in the subject - has anyone managed to get a FreeBSD machine to connect > >to a Cisco VPN server, using IPSec and 2-factor authentication (password + > >SecurID card)? My employer has been acquired by another company, and this > >will soon be the only remote-access method available. Linux client > >software exists, but given that it relies on a kernel module I'm not > >holding out much hope of it working. The security/vpnc port looks like it > >might be useful. No idea if racoon + FreeBSD native IPSec can be persuaded > >to do the SecurID authentication. > > > >I would try all these things myself, except I don't have any account > >details for the server yet. I really don't want to keep a Linux or Windows > >machine around just to connect to the office... > > > >Many thanks in advance, > > > > Scott > > > > I have not personally used this, however I have had reports of users > connecting to a Cisco VPN 3000 box that I administered at one point with > the following client: > > http://www.unix-ag.uni-kl.de/~massar/vpnc/ Thanks, that looks promising. The SecurID thing is apparently just a flavour of XAUTH which seems to be supported, so it might just work. Cheers, Scott -- =========================================================================== Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels Cambridge, England | 0x54B171B9 | don't get sucked into jet engines" scott at fishballoon.org | 0xAA775B8B | -- Anon