Hi there! Am 12.12.2017 um 16:52 schrieb David Woodhouse: > On Tue, 2017-12-12 at 16:38 +0100, Gernot Hillier wrote: >> As these changes are relevant for many Siemens colleagues using Linux, >> I'm definitely willing to continue improving them? - given that you are >> (in principle) interested in merging this feature - and that you're >> letting me know if you prefer the approach of v1 or v2 and what is still >> open from your POV. > > I like the v2 approach but without the bit where you drop the IPv6 > support. This should be applicable to other VPN types too... and we > really ought to add real Pulse support one of these days too, which > gives us IPv6 support.? Update submitted. > We know how Pulse works... it shouldn't be that hard for someone to add > it, if I can persuade someone to care... :) Do you have some pointer what you mean with "real Pulse support"? We thought we have a PulseSecure gateway and everything seems to work as intended with --juniper, at least using the Linux entrypoint. Is it about the TNC protocols ([1], [2])? I think the Windows entrypoint of our gateway uses them for authentication... [1] https://en.wikipedia.org/wiki/Trusted_Network_Connect [2] https://trustedcomputinggroup.org/wp-content/uploads/TNC_IFT_TLS_v1_0_r16.pdf -- Kind regards, Gernot Hillier Siemens AG, Corporate Competence Center Embedded Linux
