Weblog entry #139 for ajt

Cisco VPN...
Posted by ajt on Tue 12 Aug 2008 at 20:41
Tags: ,

Work provide me a notebook running Windows to access the corporate network with. As I mostly want to access Linux/AIX systems and I have only Linux systems at home it's a great inconvenience having to use substandard Microsoft rubbish. The previous Microsoft VPN client (PPTP) did have one saving grace, apparently it did a split route, so when connected via VPN to work I was also connected to my home network via the LAN. This meant I could use my keyboard, mouose and screen which are vastly superior to a notebook and decent Linux console clients which are better than PuTTY on Windows (though PuTTY isn't that bad really).

The new VPN clien is Cisco and doesn't do a split tunneling. While this is almost certainly a more secure design than the Microsoft rubbish I was forced to use previously, it's also highly annoying...

 

Comments on this Entry

Posted by Anonymous (208.106.xx.xx) on Wed 13 Aug 2008 at 02:20
check out the vpnc package. ymmv depending on configuration/authentication options that have been configured on the server end, but i was able to configure the client to connect to a former company's cisco (don't remember many details). vpnc allowed the selection of which networks to route over the vpn.

[ Parent | Reply to this comment ]

Posted by ajt (204.193.xx.xx) on Wed 13 Aug 2008 at 08:34
[ View Weblogs ]

Interesting, I'll have to have a look at that...

--
"It's Not Magic, It's Work"
Adam

[ Parent | Reply to this comment ]

Posted by Anonymous (150.101.xx.xx) on Fri 15 Aug 2008 at 07:56
I have the same issue with the Cisco VPN at my work.

I didn't realise vpnc could handle Cisco VPN connections... have been using the Cisco VPN Linux client. will have to check it out...

[ Parent | Reply to this comment ]

Posted by Eirik (129.177.xx.xx) on Mon 18 Aug 2008 at 17:02
As the last poster commented, you should be able to use the cisco vpn client (used to be a monster with some binaray only blob, a kernel module and lots of other nastiness -- among other things no split routing).

As you guess, the no split routing is by design -- and an argument could be made that is "more secure".

Best of luck!

-e

[ Parent | Reply to this comment ]