How does the VPN'n in 10.2 work?
Have any of you guys using the dev builds of Jaguar tried the VPN features?
I know it's supposed to work now, since it's using PPPT, but have you tried it?
How did you go about connecting? Just set a location with the dial-in settings and go town or what? Will a client app be necessary (it shouldn't be should it?)?
I'm curious because a lady I know is waiting for 10.2 to make the switch from windows. She wants to be able to get into her company's network as well as she can with XP.
Is it doable?
thanks for ANY info you may have to share.
I know it's supposed to work now, since it's using PPPT, but have you tried it?
How did you go about connecting? Just set a location with the dial-in settings and go town or what? Will a client app be necessary (it shouldn't be should it?)?
I'm curious because a lady I know is waiting for 10.2 to make the switch from windows. She wants to be able to get into her company's network as well as she can with XP.
Is it doable?
thanks for ANY info you may have to share.
Comments
<strong>Have any of you guys using the dev builds of Jaguar tried the VPN features?
I know it's supposed to work now, since it's using PPPT, but have you tried it?
How did you go about connecting? Just set a location with the dial-in settings and go town or what? Will a client app be necessary (it shouldn't be should it?)?
I'm curious because a lady I know is waiting for 10.2 to make the switch from windows. She wants to be able to get into her company's network as well as she can with XP.
Is it doable?
thanks for ANY info you may have to share.</strong><hr></blockquote>
I believe that it depends on how her company is handling VPN. If the company is using Cisco's concentrators, don't expect much luck from Jaguar. Cisco puts some propiertary software on top of the VPN protocols. However, probably anything else will work.
If they are using Cisco products, Cisco does provide some code that runs fairly well on 10.1.5. I have no idea if the same code would work on 10.2. I would be a bit surprised if it does, though.
<strong>I have no idea if the same code would work on 10.2. I would be a bit surprised if it does, though.</strong><hr></blockquote>
Why? <img src="confused.gif" border="0">
Not sure what happens with Cisco stuff. Apple document that their implementation of VPN supports the common standards so any proprietary extensions would require proprietary drivers/protocol stacks...
If CISCO already has VPN software for Mac OS X, if it doesn't already work with 10.2 it probably won't take them long to update it.
<strong>
Why?
Implementation of VPN means a modification to the kernel as it alters the way that TCP/IP is handled on the machine.
In the linux world, an update to the minor version of the kernel (i.e 2.0 to 2.2 to 2.4) made the Cisco code incompatible. I would be a bit surprised if the same doesn't happen on a BSD kernel. However, in fairness, BSD has been ahead of linux of how TCP/IP is handled, so it's quite possible that there aren't major changes in that subsystem.
If it is incompatible, I would expect Cisco to release an update somewhat quickly (it took a while on Linux, though). The unfortunate part, though, is that the average person can't download the code from the Cisco site - you have to be a Cisco customer to get it. So, it means that the IT department of your company has to download it for you... If they don't like to support Macs, then best of luck
Brian
<strong>
Why?
Implementation of VPN means a modification to the kernel as it alters the way that TCP/IP is handled on the machine.
In the linux world, an update to the minor version of the kernel (i.e 2.0 to 2.2 to 2.4) made the Cisco code incompatible. I would be a bit surprised if the same doesn't happen on a BSD kernel. However, in fairness, BSD has been ahead of linux of how TCP/IP is handled, so it's quite possible that there aren't major changes in that subsystem.
If it is incompatible, I would expect Cisco to release an update somewhat quickly (it took a while on Linux, though). The unfortunate part, though, is that the average person can't download the code from the Cisco site - you have to be a Cisco customer to get it. So, it means that the IT department of your company has to download it for you... If they don't like to support Macs, then best of luck
Brian
I'm not sure what her company's network is running on. I doubt she'll know. All she could tell me was that she had to upgrade to XP or "it didn't look right in ME".
I've used citrix before in OS 9. It sucked. It worked, but it sucked.
I guess I'll just have to wait until 10.2 comes out and give it a try.
<strong>Interesting stuff. Thanks.
I'm not sure what her company's network is running on. I doubt she'll know. All she could tell me was that she had to upgrade to XP or "it didn't look right in ME".
I've used citrix before in OS 9. It sucked. It worked, but it sucked.
I guess I'll just have to wait until 10.2 comes out and give it a try.
My company is using the Cisco 3000 VPN concentrator and it works quite well under 10.1.5. One of the first things I'll do when I install Jaguar is install the Cisco code to see if it works.
However, I'm getting Jaguar via Amazon with the free shipping, so it may be a while before I can report back.
Brian
<strong>
Implementation of VPN means a modification to the kernel as it alters the way that TCP/IP is handled on the machine.
In the linux world, an update to the minor version of the kernel (i.e 2.0 to 2.2 to 2.4) made the Cisco code incompatible. I would be a bit surprised if the same doesn't happen on a BSD kernel. However, in fairness, BSD has been ahead of linux of how TCP/IP is handled, so it's quite possible that there aren't major changes in that subsystem.</strong><hr></blockquote>
You do realize that MacOS X's kernel isn't anything like BSD's or Linux's, right?
Linux specifically has a macrokernel design (in theory - they've been moving more things out of the kernel as time goes on), BSD has something more akin to a microkernel, and MacOS X has a Mach 3.0 based kernel, which is mostly microdesigned.
The upshot is, to change anything of note in Linux, you have to recompile the kernel, while in MacOS X, you just give it a new driver. The TCP/IP stack in MacOS X is, to my knowledge, handled outside the kernel.
<strong>
Linux specifically has a macrokernel design
</strong><hr></blockquote>
I think the correct term is "monolithic".
However, as you stated yourself:
[quote]<strong>(in theory - they've been moving more things out of the kernel as time goes on)</strong><hr></blockquote>
Current Linux kernels can put a LOT of stuff into modules, and if I'm not completely mistaken, the Cisco VPN client does happen to come in the form of a module - no kernel recompile necessary.
[quote]<strong>BSD has something more akin to a microkernel</strong><hr></blockquote>
Recent BSDs don't. Their kernel architecture is very similar to Linux' one (monolithic kernel with KLDs).
[quote]<strong>The TCP/IP stack in MacOS X is, to my knowledge, handled outside the kernel.</strong><hr></blockquote>
Nope, I don't think that's the case.
Bye,
RazzFazz
[ 07-31-2002: Message edited by: RazzFazz ]</p>
Listen to the wise ones.
[quote]
Hi,
I saw your post on Apple Insider. I registered and tried to reply, but so far I haven't been validated, so that makes that a bit difficult! :-) Anyhow feel free to pass on that I have tried the Cisco VPN client on 10.2 and it works fine. At least the build I had at the time, 6c92 (or 98). I have 6C106 but haven't tried it yet.
There was no kmodload (or whatever it's called) binary included in my install of Jaguar, so I had to use the version from 10.1.5, which to my surprise worked fine. The module loaded into the kernel and VPN worked perfectly.
Cheers,
John
<hr></blockquote>
Daniel
[ 08-01-2002: Message edited by: Daniel ]</p>
<strong>For all those looking for a place to download the Cisco VPN clients do a google search for "cisco vpn 5000 client" or "cisco vpn 5000 client nasa" and it should show up in the results.
Daniel
[ 08-01-2002: Message edited by: Daniel ]</strong><hr></blockquote>
I believe that the 3000 series concentrator client is incompatible with the 5000 series client. The 3000 series can be found on the web as well, though.
Brian
[quote]Originally posted by Brian Paulsen:
<strong>
I believe that it depends on how her company is handling VPN. If the company is using Cisco's concentrators, don't expect much luck from Jaguar. Cisco puts some propiertary software on top of the VPN protocols. However, probably anything else will work.
If they are using Cisco products, Cisco does provide some code that runs fairly well on 10.1.5. I have no idea if the same code would work on 10.2. I would be a bit surprised if it does, though.</strong><hr></blockquote>
[ 08-20-2002: Message edited by: CyberMayT ]</p>