From owner-freebsd-net@FreeBSD.ORG Sun Apr 22 17:12:54 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 00D3816A400 for ; Sun, 22 Apr 2007 17:12:54 +0000 (UTC) (envelope-from cybercorecentre@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171]) by mx1.freebsd.org (Postfix) with ESMTP id 8DABB13C45B for ; Sun, 22 Apr 2007 17:12:53 +0000 (UTC) (envelope-from cybercorecentre@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so1080885ugh for ; Sun, 22 Apr 2007 10:12:52 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=qV3BkQD6izmHg0EENh+yyuJNaCKbD4MMzRooejbVNlCdq2YzzUcwnrLlXqPKgfX/Kuu4H5OWRET2DW3eZKJCVrMsl2NoAl/Fajt8JSWh9NZ4NY6Ofw/YJF/IzZjFAmNQwEfIrousr+jf5N+DGqGNPD6+WdtsmFdDWU++P7yUnmw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=HCYJN8HPliEuM+pjmHEmPQiwLDIZ3ze3ZtSpZ+U9UV6szR1vB9QgiqoSxyAGrEihCdjjHwGiCClJJARgj6N7bICRJ95cq1PVslZNDyTLvy4/PpCYd/2e8gHXzUUQ5dz2ImXk9rD54+Z+M2mtm0hph7nDqtRH+Y9NEtx2eJW45W8= Received: by 10.66.248.5 with SMTP id v5mr4491382ugh.1177260508391; Sun, 22 Apr 2007 09:48:28 -0700 (PDT) Received: from ?192.0.0.52? ( [62.77.228.138]) by mx.google.com with ESMTP id o24sm10464942ugd.2007.04.22.09.48.27; Sun, 22 Apr 2007 09:48:27 -0700 (PDT) Message-ID: <462B911A.9090909@gmail.com> Date: Sun, 22 Apr 2007 18:45:14 +0200 From: Jax User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Off: vpnc haxx X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Apr 2007 17:12:54 -0000 Hi folks! This won't be exactly bsd specific topic but I saw others posted about vpnc so I think some of you have a clue about cisco devices and ios ;) I have a small problem with the ezvpn connector itself not with the connection because that's establish perfectly. So I have a cisco vpn router somewhere ( where I don't have admin rights so I can't modify anything ). All vpn client get ip from a 172.16.2.X pool. My first question is: is there any way to force the clients to use the same ip after reconnect without configuring the cisco device? As I saw this is impossible in windows and in linux or in bsd I can use a vpnc connect script that's true to modify the tunnel parameters but here is a little problem, if I modify it then everything will be unaccessible in the vpn, like the router does not accept my traffic from that point (it didn't disconnect me). Ok so if I have 2 client on this subnet they can reach each other via encrypted tunnel. Thats cool and it works under linux and bsd but not in windows. It took me some time to find out there is a secured route, what the router secure :) 192.168.X whatever (this address rage is a remain of an old setup and now it's not in use anymore) and the windows client does not allow to access the 172.16.2.X range since an upgrade from 4.6. Have you got any idea how can I do some hook here to accept the client communication like between a bsd and linux client on the vpn? Router ---------------------------------------->C 172.16.2.3 172.16.2.14 Thanks! Jax