SSL VPN with the Cisco WRVS4400N

David Woodhouse dwmw2 at infradead.org
Wed Nov 14 05:05:55 EST 2012


On Wed, 2012-11-14 at 23:02 +1300, Dave Koelmeyer wrote:
> Thanks for your reply, that gives me something to start with. Looking at 
> the logs generated by QuickVPN it certainly seems to suggest that the 
> initial connection at least is made over HTTPS. My core question then is 
> if OpenConnect is potentially a solution for this, or am I barking up 
> the wrong tree and should look at vpnc, for example?

It's too early to tell. I think a tcpdump of an active connection has
indicated that IPSec was being used — so it may well end up being a
wrapper around vpnc or an extension to vpnc to make it do the initial
HTTPS negotiation. Or it might *sometimes* negotiate to use IPSec, and
sometimes do something else over the SSL connection — in which case
maybe we'd extend OpenConnect to do it, but to invoke vpnc where needed.
Or something like that.

But work out what it's doing first, and then we can debate how best to
implement it.

-- 
dwmw2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20121114/e67400de/attachment-0001.bin>


More information about the openconnect-devel mailing list