[ipv6hackers] IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion"

Fernando Gont fgont at si6networks.com
Mon Oct 15 03:52:57 CEST 2012


On 09/05/2012 11:39 PM, Jim Small wrote:
>> I can confirm the same with F5 BigIP Edge Gateway SSL VPN software,
>> and Cisco VPN.
> 
> So to clarify, the End of Life Cisco VPN Client (the older
> IPsec/IKEv1 client) is oblivious to IPv6.  Even if you have a full
> tunnel setup, it only works for IPv4.  IPv6 traffic completely
> bypasses the VPN.  This could be good or bad depending on your point
> of view.
> 
> With the current VPN Client, AnyConnect (SSL/DTLS/IPsec+IKEv2), this
> is not true.  AnyConnect is IPv6 aware since v2.5 (released in early
> 2010).  AnyConnect fully supports IPv4/IPv6 including
> full/split-tunneling, filtering, or firewalling either one.

Key question: what's the default setting?

Cheers,
-- 
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1




-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492







More information about the Ipv6hackers mailing list