10-10-2013 12:49 PM
I am currently working with Cisco IOS on one one side and Linux VPN opened source software. So far I have produced these documents which can be fully relied upon:
I am currently working with someone from Slovakia onto this one:
My last attempt is to have Shrew VPN Client (which fails) to feed the Cisco IOS end with a certificate issuer information.
I can now state that the ipsec-tools v0.8.0 (which succeeds) pay attention onto the issuer information of the client certificate. A grep -i issuer onto ipsec-tools (aka racoon) sources shows lots of meaningful information.
When I shall prove that when paying attention onto the issuer part of the certificate and feeding te Cisco IOS peer with the corresponding payload, then I will be able to turn all conditionals in my sentences to certainties and also be able to fill in the SOLUTION or RESPONSE section in the last URL.
11-04-2013 09:15 AM
is almost complete. I have just to prove that under Cisco IOS Version 15 that there is no problem with Mutual RSA + Main mode + XAuth combined with NAT-T v03 NAT-T negiotiation.
Meanwhile I produced a new document involving Cisco IOS and Open PKI. The document is complete and can be viewed at http://vouters.dyndns.org/tima/Linux-Cisco-OpenCA-
12-21-2013 05:01 AM
This at http://vouters.dyndns.org/tima/Linux-Shrew-Cisco_I
Meanwhile I have been working on http://vouters.dyndns.org/tima/Linux-Cisco_IOS-Rad
12-28-2013 12:16 PM
We are on Staurday, Dec 28 2013 at 21:11PM. All the work on the mentionned URL links is fully complete and tested. A great thank you to Esteban Lopez working for Softel ( http://www.softel.mx/) in Mexico city.
Philippe Vouters (Fontainebleau/France)