switch to room list switch to menu My folders
Go to page: [1] 2 3 4 5 ... Last
↑↑↑ Old messages ↑↑↑            ↓↓↓ New messages ↓↓↓
[#] Tue May 21 2013 18:10:45 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

ProTip: anyone using Linux with a Cisco "AnyConnect" VPN client ... ditch the Cisco-supplied client and install OpenConnect. It's so much better than Cisco's client. Works seamlessly from the command line, and there's also a NetworkManager plugin that allows you to click right into your VPN. Very good stuff.

[#] Tue May 21 2013 22:23:23 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Cisco AnyConnect is pretty much standard IPsec, as far as I'm aware, so with some work it should be able to be interoperable with racoon or strongSwan, I would think, though I have not tried this.

At the office we do use a strongSwan based server with a Mac OS X client, the latter of which purports to run in a "Cisco IPsec" mode. It works. The client sucks, but that's a separate issue...

[#] Tue May 21 2013 22:25:42 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Otoh recent versions of Cisco servers push polices on Windows clients that require the Windows boxes to confirm that only one user is logged in. Not sure if OpenConnect deals with that crap?

[#] Wed May 22 2013 12:20:14 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Cisco AnyConnect is an SSL-based client that runs over a single TCP connection and punches through firewalls by making them think that the user is attempting to view https web sites.

Cisco hardware still supports IPSEC but that's reached using the classic "Cisco VPN Client."

[#] Wed May 22 2013 15:50:42 EDT from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

If you want some real (and probably more insecure) fun:

You just need ssh + Python on the remote end firewall (or port forwarded device).

No udp, but it does a hell of a job in a pinch.

[#] Sat May 25 2013 22:27:40 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

hmmm ... slirp for ssh. Weird. What's the advantage to that over simply using the SOCKS server that's built into every OpenSSH client?

[#] Sat May 25 2013 22:33:01 EDT from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I don't have to think about the connection set-up.  It has extra bits to do dns, and you can specify networks to skip or add to forward, or let it figure out the forwarding auto-magically.  It is the next best thing to being there for me lately.  Give a remote vnc a spin via that thing, you will be impressed.

[#] Sun May 26 2013 12:21:50 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Can it do a setup where the connection is initiated by a host on the target network?

[#] Mon May 27 2013 23:04:44 EDT from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I have not tried that one - reverse the conection and traverse it.  I have used it to tunnel all trafic by re-pointing hosts to use regular old ip masq.

What it ends up doing is running a Python script on the far end, so I suppose you could hack it, but I have not tried your use case.  I can see why that would be useful though!

[#] Sat Jun 01 2013 23:35:41 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I just can't say enough good things about OpenConnect. Turns out they've even got it integrated into NetworkManager so it appears in the little system tray button right next to available wireless networks etc. Just click on it, type the password, and a little padlock appears right underneath the wifi signal strength (or the plug symbol if using ethernet) to indicate that I'm on the corporate network. Seamless and perfect, just like it should be.

They've got an AnyConnect-compatible VPN server too. I'd like to try it out but I have no use for it right now, because we already bought a Cisco ASA. Maybe someday if someone needs a "VPN in teh cloud" or something...

[#] Mon Jun 03 2013 12:26:37 EDT from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I did play around with this one for a bit, but found it stagnated (sadly).  Nice for pooping up a peer to peer vpn between many hosts.  It did seem to suffer some issues after the tunnel was running for a bit though, so I quit using it:

[#] Mon Jun 03 2013 13:08:51 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I tried that one too, with similar results. I wish they had implemented it as a library that could be embedded into applications that need anywhere-to-anywhere connectivity that can punch through firewalls.

[#] Mon Jun 03 2013 21:14:20 EDT from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I think I recall looking at n2n, but couldn't get it to work the way I expected.

I had some hopes of using it for work. I might try to review it again... I expect I didn't quite get it right the first time, as I didn't really go into it too deeply.

[#] Wed Jun 05 2013 15:23:51 EDT from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

They've got an AnyConnect-compatible VPN server too. I'd like to try

Ahh yes,

I knew there was some techy thing I wanted to ask you about and this was it. We of course needz it in teh cloud, lulz.

The Cisco IPsec client that ships with OS X 10.6 is so bloody unstable it has been giving me fits, and I don't think we'll be on Amazon VPC soon enough, so ocserv might be a good alternative.

[#] Thu Jun 06 2013 08:18:42 EDT from dothebart @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

nice how he says that ximian was the toad sitting under the suse tree making it starve and how removing it gave life back to suse...

[#] Thu Jun 06 2013 10:20:41 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You are absolutely correct. Those two twits have caused more harm to Linux and Open Source than can possibly be imagined. And after the Microsoft paychecks (presumably) dried up they switched to Mac.

Nice to see SuSE recovering; they were thriving before the Ximian takeover.

[#] Mon Jun 17 2013 17:18:29 EDT from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


SCO vs. IBM has been officially reopened.

[ ]

Can you believe this? SCO is like a villain from a really bad b-movie that just refuses to die.

[#] Mon Jun 17 2013 23:21:56 EDT from ax25 @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Good / sad - to see that PJ is still covering it.

[#] Tue Jun 18 2013 15:44:49 EDT from zooer @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I am starting to enjoy LinuxMint. I don't remember why I didn't like it before but it is working nice on my old
laptop. Can't decide if I like Cinnamon or MATE better, MATE is rumored to take up less resources but I like
things about Cinnamon.

[#] Tue Jun 18 2013 21:01:07 EDT from zooer @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Instant server.... for 35 minutes

Go to page: [1] 2 3 4 5 ... Last