[strongSwan] SS5, Mode Config Push

Martin Willi martin at strongswan.org
Tue Jul 24 14:11:21 CEST 2012


Hi Kimmo,

> So, I'm just trying to figure if Cisco clients can be used against SS5
> at the moment?

Depends on what you mean by "Cisco Clients". The native clients on OSX,
iOS and Android are often called "Cisco IPsec" clients. But they are all
based on racoon and work just fine in Pull mode, don't even support push
mode.

I'm not sure about the IPsec client from Cisco itself (pre-Anyconnect),
but I think it uses Pull mode, too. This client won't work against
charon, as it does not have those Cisco Quirks (--enable-cisco-quirks)
that came with pluto. It is, as far as I know, not allowed to use these
Cisco clients against non Cisco-Gateways, btw.

Regards
Martin





More information about the Users mailing list