FW: Cisco GET VPN in transport mode

From: Tony Varriale <tvarriale_at_flamboyaninc.com>
Date: Tue, 3 Nov 2009 16:41:06 -0600

Yeah, you continually say nothing.

 

Let me help. http://www.groupstudy.com/list/guide.html

Paul, can we get some assistance here?

 

tv

From: Mark Jackson [mailto:markcciejackson_at_gmail.com]
Sent: Tuesday, November 03, 2009 4:16 PM
To: tvarriale_at_flamboyaninc.com
Cc: ccielab_at_groupstudy.com
Subject: Re: Cisco GET VPN in transport mode

 

Well, you sure are an abrasive little elf... also, if you're not part of a
general solution, you're part of the problem, and the problem I see with you is
you just are not nice! Get a life, get some sunshine and maybe your overall
demeanor will change.

On that note... allow me to school you asshole! (cue the school bell)

 

I said the following:

 

1. IPSec has compatibility req
2. The TOS field in the header
3. Lack of vectors such as the use of AH and ESP protocols

 

That was in response to the question of:

 

1. I do not understand why transport mode suffers fragmentation and
reassembly.

 

So, hopefully you are following along. I know being a Network Architect at
Presidio has dulled your 'technical' edge.

On Tue, Nov 3, 2009 at 1:53 PM, Tony Varriale <tvarriale_at_flamboyaninc.com>
wrote:

Your reasons make no sense.

And, please feel free to point out the portion of RFC 2402 that Cisco is not
following in their implementation.

tv

-----Original Message-----
From: mark jackson [mailto:markcciejackson_at_gmail.com]
Sent: Tuesday, November 03, 2009 3:47 PM
To: Tony Varriale
Cc: ccielab_at_groupstudy.com
Subject: Re: Cisco GET VPN in transport mode

Not sure I understand...

Mark Jackson, CCIE#4736

Sent from my iPhone
Please excuse spelling errors

On Nov 3, 2009, at 1:45 PM, "Tony Varriale"
<tvarriale_at_flamboyaninc.com> wrote:

> Dare I ask what?
>
> tv
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of mark jackson
> Sent: Tuesday, November 03, 2009 3:02 PM
> To: Hans None
> Cc: ccielab_at_groupstudy.com
> Subject: Re: Cisco GET VPN in transport mode
>
> A few reasons for this are:
>
> 1. IPSec has compatibility req
> 2. The TOS field in the header
> 3. Lack of vectors such as the use of AH and ESP protocols
>
> All in all, Cisco did not follow the specs defined in RFC 2402. Kind
> of sad
>
> Mark Jackson, CCIE#4736
>
> Sent from my iPhone
> Please excuse spelling errors
>
> On Nov 3, 2009, at 12:53 PM, Hans None <acsyao_at_hotmail.com> wrote:
>
> I have read the following on GET VPN in transport mode:
>
>
> IPsec transport mode suffers from fragmentation and reassembly
> limitations
> and must not be used in
> deployments where encrypted or clear packets might require
> fragmentation.
>
>
> I do not understand why transport mode suffers fragmentation and
> reassembly.
>
>
>> From: markcciejackson_at_gmail.com
>> Date: Tue, 3 Nov 2009 12:44:46 -0800
>> Subject: Re: Cisco GET VPN in transport mode
>> To: acsyao_at_hotmail.com
>> CC: ccielab_at_groupstudy.com
>>
>> It is mainly because Cisco cannot initiate/terminate transport mode
>> IPSec tunnel. GET VPN works mainly in changing the header, it's
>> actually not changing but the same idea. More a copy and paste.
>>
>> Mark Jackson, CCIE#4736
>>
>> Sent from my iPhone
>> Please excuse spelling errors
>>
>> On Nov 3, 2009, at 12:39 PM, Hans None <acsyao_at_hotmail.com> wrote:
>>
>>> All,
>>>
>>>
>>>
>>> Does anyone know why Cisco GET VPN does not work in IPSEC transport
>>> mode?
>>>
>>>
>>>
>>>
>>>
>>> Thanks,
>>>
> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>
> _______________________________________________________________________

> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
Mark Jackson, CCIE #4736
Senior Network, Security and Voice Architect  
858.705.1861
Received on Tue Nov 03 2009 - 16:41:06 ART

This archive was generated by hypermail 2.2.0 : Tue Dec 01 2009 - 06:36:28 ART