Cisco 3000 (Altiga) Win2K client?

Longar, Dennis dlongar at IBSYS.COM
Mon Apr 30 10:03:01 EDT 2001


I think you might have mis-read part of the message.

The cisco client does not require cert. The Microsoft client
for Win2K does.  So if you want to use the native MS client that
comes with 2K (there is a IPSEC transport option in 2k) it require
that you use Certificates.  I guess I didn't play with it enough to
see if it required only MS certificates, but... most likely.

Thanks!

-Dennis

> -----Original Message-----
> From: Alex Falkovich [mailto:AFalkovich at LNC.COM]
> Sent: Thursday, April 26, 2001 1:38 PM
> To: VPN at SECURITYFOCUS.COM
> Subject: Re: Cisco 3000 (Altiga) Win2K client?
>
>
> Basim,
> will the new Cisco VPN W2K client 3.0.1 do vpn with w2k
> workstations without
> using a cert?
>
> thanks.
>
> _ Alex
>
>
> >>> VPN Mailing List 01/10/01 11:33PM >>>
> I've been working directly with Cisco on this one for quite
> some time now.
> I have a copy of the beta 2.6 Cisco VPN 3000 client for
> Win2K. It works the
> same as the Win9x/NT one does, but it now installs on Win2K
> (works really
> good, I might add).   Please don't bother to ask me to email
> out copies of
> any beta clients as I am bound under NDA to not do so.
>
> I haven't confirmed this, but according to Cisco's product
> marketing for VPN
> 3000, this v2.6 client will not ship and will only be used as
> a stepping
> stone beta to test the Win2K interoperability, although the
> v2.6 client may
> be released internally for Cisco themselves.  The version 3.0
> client due out
> in end of Q1 (and possibly later) will be the new "unified"
> client which
> will talk to the VPN 3000 Series, VPN 5000 Series, IOS
> Gateway VPN routers,
> and PIX firewalls.
>
> With respect to getting the native Win2K VPN client to work
> using IPsec on
> the VPN 3000 switch, it will most certainly work, but it
> requires the use of
> certificate-based authentication as well as Active Directory.
>  You'll need
> to obtain a "server certificate" from the cert authority for
> the VPN switch
> and a certificate for each VPN client (i.e. user).  I can't
> seem to find the
> doc for implementing this on the VPN 3000 units.  If I find
> it later, I'll
> try to remember to post it to the list.
>
> In the meantime, if you need to connect Win2K users to your
> 3000 switch(es),
> you can still do so via PPTP (hold your comments, please!).
> Simply enable
> PPTP as one of the services on the 3000 switch(es) and you
> can then use the
> native Win2K PPTP VPN client.   However, the only way to
> connect Win2K IPsec
> clients  on the VPN 3000 Concentrator is via L2TP, so you'll
> eventually need
> to enable that service too.
>
> Basim S. Jaber
> Senior Systems Engineer / Remote Access Specialist
> VPN Services Division
> iPass Inc. Redwood Shores, CA
> http://www.iPass.COM
>
>
> >-----Original Message-----
> >From: David Gillett [mailto:dgillett at niku.com]
> >Sent: Wednesday, January 10, 2001 2:28 PM
> >To: VPN at SECURITYFOCUS.COM
> >Subject: Cisco 3000 (Altiga) Win2K client?
> >
> >  I seem to recall that a lot of posters had heard rumours
> of this around
> >Oct-Nov last year.  Nobody seemed to be able to get a date
> from any Cisco
> >employee, but a VAR I talked to told me he expected it to be
> out of beta
> >around Nov 15th/2000.
> >  Well, here we are Jan/2001, and the volume of 2000 users wanting to
> >connect to our 3000 is growing.  Has anyone heard anything
> since November?
> >
> >  Alternatively, has anyone gotten this to work with the
> native Win2K IPSEC
> >stuff?  Something in the release notes made me think it
> relied on Active
> >Directory, but I'm hoping I misunderstood that bit.
> >
> >David Gillett
>
> VPN is sponsored by SecurityFocus.COM
>

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list