[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Suse VPN Cisc (In english)



Are you trying to use the client on a dual nic box? I have been using their client for some time and there are issues:

1. Enabling local lan does not work, in fact on the newer version listed below enabling local lan kills both lans(really nice if you ask me ;-) ) 2. In a dual nic situation the client does not know which nic to use therefore it uses both / neither, SuSEfirewall is a no go. 3. There is a newer release of the client at cisco's iste(something like 3.6.1).

What I do to connect is have the client installed and configured on one of my inside machines which is routed through my firewall server and then everything works when I issue the connect command. Somethings to be aware of though - the client script can not override settings on the VPN concentrator like password saving, group settings, etc. and ensure you have a good timeout set otherwise you will be booted very quickly. I am currently working with FreeS/WAN to get a server type configuration setup to replace the cisco client and do a LAN to LAN style connection so that I can get the full functionality that I require. Good luck, hope this helps

Franck wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ERROR in my ifconfig, the good are here :
# ifconfig -a

cipsec0   Lien encap:Ethernet  HWaddr 00:00:00:00:00:00
         BROADCAST MULTICAST  MTU:1400  Metric:1
         RX packets:10 errors:0 dropped:0 overruns:0 frame:0
         TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:100
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

eth0      Lien encap:Ethernet  HWaddr 00:00:E8:96:08:25
         inet adr:192.168.0.1  Bcast:192.168.0.255  Masque:255.255.255.0
         adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:2494 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3109 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:100
         RX bytes:400013 (390.6 Kb)  TX bytes:1740787 (1.6 Mb)
         Interruption:10 Adresse de base:0x3000

lo        Lien encap:Boucle locale
         inet adr:127.0.0.1  Masque:255.0.0.0
         adr inet6: ::1/128 Scope:Hôte
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:41747 errors:0 dropped:0 overruns:0 frame:0
         TX packets:41747 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:0
         RX bytes:14670706 (13.9 Mb)  TX bytes:14670706 (13.9 Mb)

ppp0      Lien encap:Protocole Point-à-Point
         inet adr:81.48.76.177  P-t-P:81.48.76.1  Masque:255.255.255.255
         UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
         RX packets:8420 errors:0 dropped:0 overruns:0 frame:0
         TX packets:11184 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:3
         RX bytes:2313621 (2.2 Mb)  TX bytes:978756 (955.8 Kb)

sit0      Lien encap:IPv6-dans-IPv4
         NOARP  MTU:1480  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

#ifconfig -a

lo        Lien encap:Boucle locale
         inet adr:127.0.0.1  Masque:255.0.0.0
         adr inet6: ::1/128 Scope:Hôte
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:40047 errors:0 dropped:0 overruns:0 frame:0
         TX packets:40047 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:0
         RX bytes:14073231 (13.4 Mb)  TX bytes:14073231 (13.4 Mb)

ppp0      Lien encap:Protocole Point-à-Point
         inet adr:81.48.76.177  P-t-P:81.48.76.1  Masque:255.255.255.255
         UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
         RX packets:4562 errors:0 dropped:0 overruns:0 frame:0
         TX packets:6327 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:3
         RX bytes:503251 (491.4 Kb)  TX bytes:409276 (399.6 Kb)

sit0      Lien encap:IPv6-dans-IPv4
         NOARP  MTU:1480  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ipsec0    Lien encap:Protocole Point-à-Point
         inet adr:81.48.76.177  Masque:255.255.255.255
         UP RUNNING NOARP  MTU:16260  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:10
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ipsec1    Lien encap:IPIP Tunnel  HWaddr
         NOARP  MTU:0  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:10
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
ipsec2    Lien encap:IPIP Tunnel  HWaddr
         NOARP  MTU:0  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:10
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ipsec3    Lien encap:IPIP Tunnel  HWaddr
         NOARP  MTU:0  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:10
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

eth0      Lien encap:Ethernet  HWaddr 00:00:E8:96:08:25
         inet adr:192.168.0.1  Bcast:192.168.0.255  Masque:255.255.255.0
         adr inet6: fe80::200:e8ff:fe96:825/10 Scope:Lien
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:246 errors:0 dropped:0 overruns:0 frame:0
         TX packets:456 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 lg file transmission:100
         RX bytes:33454 (32.6 Kb)  TX bytes:414668 (404.9 Kb)
         Interruption:10 Adresse de base:0x3000

I have searched on forums, web and newsgroups, but i find nothing for my
problem.
Anyone have this problem ??
Could you help my for my VPN connexion ?

Thanks for all and sory for m poor english .. I'm a french'user ;-)

@+

- -- Franck

\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
franck@xxxxxxxxxxxxxxxxx
Fingerprint : 20F4 DBE5 7234 52D6 3610  BB17 D73C 1F7A 9E64 F6A1

http://www.linuxpourtous.com
Clef PGP : http://www.linuxpourtous.com/download/franck_linuxpourtous.asc
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE9uk3t1zwfep5k9qERAji0AJ9SrNqohiknb3JIyl8vJmaKFZpC1QCfUlUu
mUnQgzrxYJlRlu9rCSvJPEo=
=7fEr
-----END PGP SIGNATURE-----



--

/*Weyco* Group/

Duane Kehoe
EC / Programmer / Analyst

Phone # 414.908.1814
Fax # 414.908.1601
Email: dkehoe@xxxxxxxxxxxxxx



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here