Professional Web Applications Themes

Connect to Cisco VPN server from FreeBSD? - FreeBSD

Hi all, As in the subject - has anyone managed to get a FreeBSD machine to connect to a Cisco VPN server, using IPSec and 2-factor authentication (password + SecurID card)? My employer has been acquired by another company, and this will soon be the only remote-access method available. Linux client software exists, but given that it relies on a kernel module I'm not holding out much hope of it working. The security/vpnc port looks like it might be useful. No idea if racoon + FreeBSD native IPSec can be persuaded to do the SecurID authentication. I would try all ...

  1. #1

    Default Connect to Cisco VPN server from FreeBSD?

    Hi all,

    As in the subject - has anyone managed to get a FreeBSD machine to connect
    to a Cisco VPN server, using IPSec and 2-factor authentication (password +
    SecurID card)? My employer has been acquired by another company, and this
    will soon be the only remote-access method available. Linux client
    software exists, but given that it relies on a kernel module I'm not
    holding out much hope of it working. The security/vpnc port looks like it
    might be useful. No idea if racoon + FreeBSD native IPSec can be persuaded
    to do the SecurID authentication.

    I would try all these things myself, except I don't have any account
    details for the server yet. I really don't want to keep a Linux or Windows
    machine around just to connect to the office...

    Many thanks in advance,

    Scott

    --
    ================================================== =========================
    Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels
    Cambridge, England | 0x54B171B9 | don't get ed into jet engines"
    scott at fishballoon.org | 0xAA775B8B | -- Anon
    Scott Guest

  2. #2

    Default Re: Connect to Cisco VPN server from FreeBSD?

    Scott Mitchell wrote: 

    I have not personally used this, however I have had reports of users
    connecting to a Cisco VPN 3000 box that I administered at one point with
    the following client:

    http://www.unix-ag.uni-kl.de/~massar/vpnc/


    -Ash
    Ash Guest

  3. #3

    Default Re: Connect to Cisco VPN server from FreeBSD?

    On Sun, Apr 10, 2005 at 12:26:45PM -0500, Ash wrote: 
    >
    > I have not personally used this, however I have had reports of users
    > connecting to a Cisco VPN 3000 box that I administered at one point with
    > the following client:
    >
    > http://www.unix-ag.uni-kl.de/~massar/vpnc/[/ref]

    Thanks, that looks promising. The SecurID thing is apparently just a
    flavour of XAUTH which seems to be supported, so it might just work.

    Cheers,

    Scott

    --
    ================================================== =========================
    Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels
    Cambridge, England | 0x54B171B9 | don't get ed into jet engines"
    scott at fishballoon.org | 0xAA775B8B | -- Anon
    Scott Guest

  4. #4

    Default Re: Connect to Cisco VPN server from FreeBSD?

    Scott Mitchell wrote: 
    >>
    >>I have not personally used this, however I have had reports of users
    >>connecting to a Cisco VPN 3000 box that I administered at one point with
    >>the following client:
    >>
    >>http://www.unix-ag.uni-kl.de/~massar/vpnc/[/ref]
    >
    >
    > Thanks, that looks promising. The SecurID thing is apparently just a
    > flavour of XAUTH which seems to be supported, so it might just work.
    >
    > Cheers,
    >
    > Scott
    >[/ref]

    Whoops forgot to mention that I had configured out VPN3000 to
    authenticate users using SecurID. The vpnc users were able to
    authenticate just fine.

    OT, but they were also able to use vpnc to bypass split-tunneling
    restrictions (no real surprise there).

    Good luck,
    -Ash
    Ash Guest

  5. #5

    Default Re: Connect to Cisco VPN server from FreeBSD?

    On Sun, Apr 10, 2005 at 01:41:20PM -0500, Ash wrote: 
    >
    > Whoops forgot to mention that I had configured out VPN3000 to
    > authenticate users using SecurID. The vpnc users were able to
    > authenticate just fine.
    >
    > OT, but they were also able to use vpnc to bypass split-tunneling
    > restrictions (no real surprise there).
    >
    > Good luck,
    > -Ash[/ref]

    Cool - sounds like just the thing. I look forward to trying it out as soon
    as my new overlords give me my SecurID :-)

    Many thanks,

    Scott

    --
    ================================================== =========================
    Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels
    Cambridge, England | 0x54B171B9 | don't get ed into jet engines"
    scott at fishballoon.org | 0xAA775B8B | -- Anon
    Scott Guest

Similar Threads

  1. how to auto connect to freebsd
    By David in forum FreeBSD
    Replies: 3
    Last Post: March 26th, 05:01 AM
  2. TACACS+ with Cisco ACS server 3.2
    By Rick Frink in forum PERL Modules
    Replies: 0
    Last Post: August 6th, 04:26 PM
  3. Cisco logs to Debian-3.0 server problems..
    By Bill Schoolcraft in forum Debian
    Replies: 4
    Last Post: July 15th, 10:10 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139