On Thu, 12 Jan 2012, Matej Cepl wrote:
Dne 14.11.2011 17:49, Lucas napsal(a):
Have anyone here tried to compile cisco vpn for Fedora 16 - 32 or 64
bit? I need it sometimes and it should support ipsec over tcp,
unfortunately nothing in unix can provide it.
I am not sure if the tcp port 10000 can be implemented from a cisco
licence point of view. If any kind of fake tcp is implemented to tunnel
IPsec, it's probably best to stick it on port 443. The tor people know a
lot about faking https traffic to circumvent a lot of deep packet
inspectors.
But really, if a network administrator blocks udp 4500 so that IPsec
NAT-T is failing, you are basically on a network not welcome to IPsec.
Whether you should attempt port 10000 tcp on such a network, I don't
know....
Also, I use pretty happily openswan (via NetworkManager-openswan, you
probably need most recent versions) with our Cisco concentrators.
Perhaps it is time to turn these cisco's into RHEL servers with openswan
:)
Paul
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
