[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Windows 2000 and Cicsco router interoperability

To: Patrick Ethier <pat@secureops.com>
Subject: Re: Windows 2000 and Cicsco router interoperability
From: Mike Carney <carney@securecomputing.com>
Date: Mon, 08 May 2000 09:49:59 -0500
cc: "'Andrea Schiavoni'" <s81331@cclinf.polito.it>, ipsec@lists.tislabs.com, carney@jumpsrv.stp.securecomputing.com
In-reply-to: Your message of "Mon, 08 May 2000 10:06:57 EDT." <403626CA58D4D3119B92005004A51488012504@DOMINUS>
Sender: owner-ipsec@lists.tislabs.com


> 
> It was brought to my attention about a month ago that W2K does not support
> tunneling mode. I can't confirm whether that is true or not because I
> haven't bothered to verify it. Try changing from tunnel to transport in your
> quick mode and see if it works. Let me know, I'm curious to find out if this
> is the case.

I believe it is the case that Windows 2000 Professional only support 
L2TP as the tunneling protocol (which may be over a IPSEC transport
session).

The Server and Advanced Server editions can support IPSEC tunnels when
acting as a gateway device.

See White Paper for the Windows 2000 Server operating system entitled
Microsoft Privacy Protected Network Access: 
Virtual Private Networking and Intranet Security

I have a paper copy and I'm not sure if it came off web site or the
MSDN subscription.
Regards,
Michael Carney

>  
>  
> Regards,
>  
> ________________ 
> Patrick Ethier 
> Product Development 
> SecureOps Inc. 
> patrick@secureops.com 
> (514) 982-0678 x 106 
> (514) 982-0362 - fax 
> 
> -----Original Message-----
> From: Andrea Schiavoni [mailto:s81331@cclinf.polito.it]
> Sent: Saturday, May 06, 2000 7:57 AM
> To: ipsec@lists.tislabs.com
> Subject: Windows 2000 and Cicsco router interoperability
> 
> 
> Has anybody tried ISAKMP between W2000 and Cisco routers?
> I have tried with pre-shared secret authentication method:
> des-sha1 and des-md5 in main mode
> des-esp , des-sha1 , des-md5 and ah in quick mode
>  
> They successfully worked in main mode, but they couldn't setup the IPsec SA
> in quick mode.
> Thanks
> Andrea Schiavoni
> 
> 
> ------_=_NextPart_001_01BFB8F6.B0543940
> Content-Type: text/html;
> 	charset="iso-8859-1"
> 
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
> 
> 
> <META content="MSHTML 5.00.2314.1000" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN class=799300014-08052000>It was 
> brought to my attention about a month ago that W2K does not support tunneling 
> mode. I can't confirm whether that is true or not because I haven't bothered to 
> verify it. Try changing from tunnel to transport in your quick mode and see if 
> it works. Let me know, I'm curious to find out if this is the 
> case.</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=799300014-08052000></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=799300014-08052000></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=799300014-08052000>Regards,</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=799300014-08052000></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN class=799300014-08052000>
> <P><FONT face=Arial size=2>________________</FONT> <BR><FONT face=Arial 
> size=2>Patrick Ethier</FONT> <BR><FONT face=Arial size=2>Product 
> Development</FONT> <BR><FONT face=Arial size=2>SecureOps Inc.</FONT> <BR><FONT 
> face=Arial size=2>patrick@secureops.com</FONT> <BR><FONT face=Arial size=2>(514) 
> 982-0678 x 106</FONT> <BR><FONT face=Arial size=2>(514) 982-0362 - fax</FONT> 
> </P></SPAN></FONT></DIV>
> <BLOCKQUOTE style="MARGIN-RIGHT: 0px">
>   <DIV align=left class=OutlookMessageHeader dir=ltr><FONT face=Tahoma 
>   size=2>-----Original Message-----<BR><B>From:</B> Andrea Schiavoni 
>   [mailto:s81331@cclinf.polito.it]<BR><B>Sent:</B> Saturday, May 06, 2000 7:57 
>   AM<BR><B>To:</B> ipsec@lists.tislabs.com<BR><B>Subject:</B> Windows 2000 and 
>   Cicsco router interoperability<BR><BR></DIV></FONT>
>   <DIV><FONT face=Arial size=2>Has&nbsp;anybody tried ISAKMP between W2000 and 
>   Cisco routers?</FONT></DIV>
>   <DIV><FONT face=Arial size=2>I have tried with pre-shared secret 
>   authentication method:</FONT></DIV>
>   <DIV><FONT face=Arial size=2>des-sha1 and des-md5 in main mode</FONT></DIV>
>   <DIV><FONT face=Arial size=2>des-esp , des-sha1 , des-md5 and ah in quick 
>   mode</FONT></DIV>
>   <DIV>&nbsp;</DIV>
>   <DIV><FONT face=Arial size=2>They successfully worked in main mode, 
>   but&nbsp;they couldn't setup&nbsp;the IPsec SA in quick mode.</FONT></DIV>
>   <DIV><FONT face=Arial size=2>Thanks</FONT></DIV>
>   <DIV><FONT face=Arial size=2>Andrea 
> Schiavoni</FONT></DIV></BLOCKQUOTE></BODY></HTML>
> 
> ------_=_NextPart_001_01BFB8F6.B0543940--

Follow-Ups:

Re: Windows 2000 and Cicsco router interoperability

From: Jac Kloots <Jac.Kloots@surfnet.nl>

References:

RE: Windows 2000 and Cicsco router interoperability

From: Patrick Ethier <pat@secureops.com>

Prev by Date: RE: Windows 2000 and Cicsco router interoperability
Next by Date: RE: Windows 2000 and Cicsco router interoperability
Prev by thread: RE: Windows 2000 and Cicsco router interoperability
Next by thread: Re: Windows 2000 and Cicsco router interoperability
Index(es):
- Main
- Thread