Subject: Re: Patches to use racoon as a server for Cisco VPN client
To: Hubert Feyrer <>
From: Ignatios Souvatzis <>
List: tech-net
Date: 09/07/2004 19:40:07
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Sep 07, 2004 at 05:00:58PM +0200, Hubert Feyrer wrote:
> On Tue, 7 Sep 2004, Christoph Kaegi wrote:
> > > > Is there any way to do the opposite of this (use NetBSD as a VPN cl=
ient to
> > > > a Cisco server/"concentrator"), as vpnc does?
> > >
> > > Yes, now I understand the way the protocol works, I can do that easil=
> >
> > I'd be *very* interested in this functionality also :-)
> If the vpnc solution is enough, there's a package in pkgsrc-wip (iirc),
> and a (german language, sorry -- i should really get to translate it!)
> documentation available here:

Which reminds me...

I don't remember whether I mentioned this to Hubert already, but
with vpnc-0.2 (and up) you have to use a kernel *without* IPSEC_ESP (at
least), else those packets aren't available to the raw IP sockets that
vpnc apparently uses. (It does *everything* in userland.)


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3 (NetBSD)