Subject: Re: Cisco VPN interop
To: None <>
From: Wolfgang S. Rupprecht <>
List: current-users
Date: 01/24/2004 20:33:53 (Thor Lancelot Simon) writes:
> Ha!  No, you can't use racoon nor isakmpd to talk to a Cisco configured
> that way, because it's using the nonstandard and dangerous XAUTH
> extension to IKE.  But what's pretty funny is that using IKE that way
> lets *any* customer steal any other customer's
> password. [...]

Wow.  What a bombshell.  Thanks for spotting this f-up.  I'll
certainly pass the info on to Sonic.  They're a small independent ISP
that prides itself in doing things better than the big big boys.  This
will almost certainly make them wince in embarrassment -- hopefully
followed by them reaming Cisco a new one.

Wolfgang S. Rupprecht
       The above "From:" address is valid.  Don't mess with it.