Oh, the Silly Things We Get Stuck On
Posted on June 14, 2007
I spent over 7 hours today attempting to get a Cisco VPN Concentrator to establish a lan-to-lan VPN tunnel with a Symantec Gateway Security appliance (aka firewall). Now, you’d think IPsec wouldn’t be so difficult — after all, it’s an “open” protocol, right? But dang, I burned a lot of hours on this today.
Oh, the solution was very simple:
I spent so much time farting around with various permutations of MD5, SHA, ESP, 3DES and all the acronym soup involved that I never even thought to disable PFS.
I don’t really know what it does. I don’t really know if I want it. I just know that things work quite well without it.
My brain hurts.
[This is one of those articles that I'll hope to remember next time I do this, thus saving myself hours. Or perhaps it'll help the next poor schmuck searching for answers on the same thing.]
Tags: cisco, operations, security, symantec, vpn
Comments
4 Responses to “Oh, the Silly Things We Get Stuck On”
I hear ya! Messing about with web development I find myself in this mess quite often. Poring over my CSS wondering what I missed, when almost 90% of the time it is something real stupid. Either I forgot a letter in the filename, or forgot that it's a *.png instead of a *.jpg, really silly stuff that gets me re-reading my ‘intro’ books looking for some obscure solution, when it's just a spelling error.
Make a lot of these types of posts on your blog. Oftentimes, I use my blog as a reference for useful things I’ve found over the years.
@Rob - lol, ain’t it the truth?
@Michael - I’m sometimes amused at how often I use my own blog as a research tool. “I know I mentioned that once…” is usually how the search starts.