On Fri, 2004-07-23 at 18:22, Kenneth Porter wrote: > --On Friday, July 23, 2004 2:34 PM -0700 John Wendel > <john.wendel@xxxxxxxxxxxxxxx> wrote: > > > As far as I know, the Cisco vpn client doesn't support split tunneling. I > > think there is another open source client "vpnc" and "kvnpc" that has > > been mentioned on this list that does support split tunneling, but I've > > never used it. > > That would explain the problem. I'd heard about vpnc but haven't tried it: > > <http://www.unix-ag.uni-kl.de/~massar/vpnc/> > > The problem is that my peer uses a Windows directory to authenticate > against and vpnc requires: > > (From the README) > > If you don't know the Group ID and Secret string, ask your > > administrator. If (s)he declines and refers to the > > configuration files provided for the vpnclient program, tell > > him/her that the contents of that files is (though scrambled) > > not really protected and can be extracted using tools shipped > > with any Linux distribution. > > But I now notice that there's a tool on the vpnc page to reverse out the > group password from the Cisco profile for use in the vpnc config. So I may > try that out. I shudder to think that Cisco has such a potentially huge security problem in their VPN clients. -- Scot L. Harris webid@xxxxxxxxxx Stupidity got us into this mess -- why can't it get us out?
