[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Windows 2000 and Cicsco router interoperability

To: Ben McCann <bmccann@indusriver.com>
Subject: Re: Windows 2000 and Cicsco router interoperability
From: "CHINNA N.R. PELLACURU" <pcn@cisco.com>
Date: Wed, 10 May 2000 14:54:36 -0700 (PDT)
cc: Dan Harkins <dharkins@network-alchemy.com>, ipsec@lists.tislabs.com
In-Reply-To: <3919983C.4DDC22B1@indusriver.com>
Sender: owner-ipsec@lists.tislabs.com

I can't speak for the whole of Cisco, but the way I look at it is:

Modeconfig/Xauth are being supported as quick hack to get something to
work, and get something to customers, until there is a client that can do
IPSec and L2TP.

I beleive that it is not our long term vision, to ship Modeconfig/Xauth. I
beleive that Cisco's long term goal is to follow whatever is standardized
in the IPSRA WG, because that's what IPSRA WG is chartered to solve.

    chinna

On Wed, 10 May 2000, Ben McCann wrote:

> Dan Harkins wrote:
> > 
> >   Since when is implementation of Mode Config (or XAUTH) necessary
> > to be appropriate for remote access? Actually, Win2K seems to be
> > using _standard protocols_ (IPSec-- err, IPsec, L2TP, PPP) to
> > solve the problem. Imagine that.
> > 
> >   Dan.
> 
> I said "IMHO, an assigned virtual IP address is mandatory for remote
> access applications". Given that opinion, Mode Config is currently
> the most commonly implemented mechanism _within_ IPSEC that passes an
> IP address to a remote access client. (I know IPSRA is working on
> _new_ mechanisms but few, if any, of those mechanisms are implemented).
> 
> L2TP over IPSEC also provides this functionality. I personally consider
> L2TP+PPP overkill just to pass down an IP address to a remote client
> so I have favored IPSEC with Mode Config instead of L2TP/PPP over IPSEC.
> Mode Config is dead in the IETF but many vendors, including your
> former employer, are shipping Mode Config to provide remote access
> over IPSEC without the overhead of L2TP. Hopefully, IPSRA will define
> a new mechanism (DHCP?) that also transmits client configuration without
> the overhead of a full L2TP and PPP stack.
> 
> -Ben McCann
> 
> -- 
> Ben McCann                              Indus River Networks
>                                         31 Nagog Park
>                                         Acton, MA, 01720
> email: bmccann@indusriver.com           web: www.indusriver.com 
> phone: (978) 266-8140                   fax: (978) 266-8111
> 

chinna narasimha reddy pellacuru
s/w engineer

Follow-Ups:

Re: Windows 2000 and Cicsco router interoperability

From: Stephen Kent <kent@bbn.com>

References:

Re: Windows 2000 and Cicsco router interoperability

From: Ben McCann <bmccann@indusriver.com>

Prev by Date: RE: Windows 2000 and Cicsco router interoperability
Next by Date: Re: Windows 2000 and Cicsco router interoperability
Prev by thread: Re: Windows 2000 and Cicsco router interoperability
Next by thread: Re: Windows 2000 and Cicsco router interoperability
Index(es):
- Main
- Thread