[c-nsp] Cisco VPN

Ted Mittelstaedt tedm at toybox.placo.com
Mon Dec 5 04:48:09 EST 2005



>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net
>[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Ronald W. Jean Jr.
>Sent: Sunday, December 04, 2005 5:08 PM
>To: cisco-nsp at puck.nether.net
>Subject: [c-nsp] Cisco VPN
>
>
>Good day all,
>
>
>
>Is anyone familiar with the Cisco VPN client 4.0 and higher connecting to the
>Internet and initiating a VPN, only to "leak" the private IP to the ISP? I am
>encountering customers who connect to me and for whatever reason I am seeing
>them broadcast their private IP instead of putting it through the tunnel.
>This has been seen on 9x, NT, 2K and XP. My infrastructure will kill these
>customers' sessions when this occurs.
>

Mine won't.  Ha ha!

>
>
>Any advisement on this issue?
>

Fix your infrastructure.

Seriously, you should be ignoring this.  You should have anti-spoof access
lists on your equipment of course, but dropping a session just because they
send a packet to you that is sourced from a different IP address than you
assigned to them?  That is needlessly extremist.  Just drop the packet and
leave the session alone.  If they are doing it deliberately, such as dumb
kids trying to play at spoofing, they will get tired of it when nothing
appears to be happening, and find some other game.

Ted
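
The policy described in the reply above (filter on source address, drop the offending packet, leave the session up), sketched as an added example that is not part of the original thread. The `Session` record, the drop-reason labels and the sample addresses are constructed for illustration and do not model any particular access server.

```python
import ipaddress
from dataclasses import dataclass, field

# RFC 1918 ranges: a source in one of these usually means a client is
# leaking its inner (tunnel or LAN) address onto the access link.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class Session:                       # hypothetical session record
    user: str
    assigned: ipaddress.IPv4Address  # address the provider handed out
    up: bool = True
    forwarded: int = 0
    dropped: dict = field(default_factory=dict)  # reason -> packet count

def classify(session, src):
    """Return None when the source is valid, otherwise a drop reason."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "malformed"
    if addr == session.assigned:
        return None
    if any(addr in net for net in RFC1918):
        return "private-leak"
    return "spoofed"

def ingress(session, sources):
    """Filter packets by source address; the session is never torn down."""
    for src in sources:
        reason = classify(session, src)
        if reason is None:
            session.forwarded += 1
        else:
            session.dropped[reason] = session.dropped.get(reason, 0) + 1
    return session

# Constructed sample: source addresses seen on one customer's link.
SAMPLE = ["203.0.113.10", "10.8.0.5", "203.0.113.10",
          "198.51.100.7", "192.168.1.20"]

if __name__ == "__main__":
    s = ingress(Session("cust1", ipaddress.ip_address("203.0.113.10")), SAMPLE)
    print(s.up, s.forwarded, s.dropped)
```

The per-reason counters keep a leaking VPN client distinguishable from other mismatched sources without changing what happens to the session.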


