[X4U] Tiger and Cisco VPN

John Baltutis baltwo at san.rr.com
Fri Aug 19 12:23:12 PDT 2005 

On 08/18/05, "Michael J. Prevost" <mprevost at dot4.com> wrote:
>
> A couple months back there was some discussion about the possibility
> that Tiger's VPN support might be able to connect to Cisco's VPN
> products.
>
> Has anyone gotten Tiger's VPN to connect to Cisco VPN products (PIX in my
> case)? My attempt failed and I don't see any options or parameters to change.

>From today's TidBITS digest:

VPN Article Update
Posted by: kevinv Date: Aug 18, 2005.

Couple of updates on my recent VPN article:

<<http://db.tidbits.com/getbits.acgi?tbart=08209>http://db.tidbits.com/getbits.acgi?tbart=08209>

Don McGilvery notified me that Cisco has a released a new VPN client. The
latest is 4.7.00 and it fixed a system preferences proxy settings bug when
running on 10.4.x systems. Cisco really seems to be having trouble with
10.4. VPN Tracker is pushing its (virtually?) complete support for Cisco
VPN's. I don't have access to a Cisco VPN so I haven't ever used their
client software.

I can't find release notes on Cisco's sites yet, but I did find a posting
at a university indicating these other fixes were also included:

>*fixed - unity mac gui split tunnels will not pass traffic 10.4
>*fixed - unity mac switching networks prevents client connect 10.4
>*fixed - unity mac proxy information ignored by client
>*fixed - unity mac 10.4 does not inherit search domains with vpn
>*fixed - unity mac 10.4 classic traffic fails over tunnel

Alan Oppenheimer, with Open Door Networks makers of DoorStop X firewall,
reminded me that the IANA's port listing is exceedingly useful if you're
used to digging around in the innards of a UNIX system, but for Mac users
it isn't particularly friendly (or complete). He recommends Open Door's
port listing which lists Mac applications like iChat and "semi-official"
ports that IANA doesn't. Can't say I disagree.

<<http://www.opendoor.com/doorstop/ports.html>http://www.opendoor.com/doorstop/ports.html>


Steve Peterson recommends Apple's port list:
<<http://docs.info.apple.com/article.html?artnum=106439>http://docs.info.apple.com/article.html?artnum=106439>

But more importantly corrects my mistake where I stated that Apple Remote
Desktop won't work with SSH port forwarding because SSH port forwarding
can't work with UDP. SSH can't work with UDP, but ARD works over TCP (port
5900).

More information about the X4U mailing list