On 2013-08-14 00:36, Jim Klimov wrote: > On 2013-08-13 23:42, Nishimura, Scott L (ESS) wrote: >> Is there a way I can specify which port the communication goes over, >> increasing my chances that my Information Security team will approve >> the FW rule request? > > One thing you can do, and security people might be happy about, > is setting up a VPN (Cisco ASA, Linux/Raccoon, etc.), which > the SR2 and newer clients can directly log into.
Racoon does not work any more with newer versions of SRSS. This is one of the reasons why I decided to use ThinLinc. During my last year's trial of a then recent SRSS I had to acknowledge that the IPSEC authentication mode had been changed to another protocol that is not racoon compliant. BTW, I have a brand new Cisco ASA505 or some such for sale that during this trial I had already purchased, but I never went throught the pains of configuring it. Please email me privately if you want confirmation about the type and perhaps buy it (I'm located in Austria, Europe). Best regards, Andreas v. Heydwolff _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
