[ipv6hackers] IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion"
Fernando Gont
fgont at si6networks.com
Mon Oct 15 03:52:57 CEST 2012
On 09/05/2012 11:39 PM, Jim Small wrote:
>> I can confirm the same with F5 BigIP Edge Gateway SSL VPN software,
>> and Cisco VPN.
>
> So to clarify, the End of Life Cisco VPN Client (the older
> IPsec/IKEv1 client) is oblivious to IPv6. Even if you have a full
> tunnel setup, it only works for IPv4. IPv6 traffic completely
> bypasses the VPN. This could be good or bad depending on your point
> of view.
>
> With the current VPN Client, AnyConnect (SSL/DTLS/IPsec+IKEv2), this
> is not true. AnyConnect is IPv6 aware since v2.5 (released in early
> 2010). AnyConnect fully supports IPv4/IPv6 including
> full/split-tunneling, filtering, or firewalling either one.
Key question: what's the default setting?
Cheers,
--
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
--
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
More information about the Ipv6hackers
mailing list