Subject: Re: Cisco VPN interop
To: None <current-users@netbsd.org>
From: Wolfgang S. Rupprecht <wolfgang+gnus20040124T201156@dailyplanet.dontspam.wsrcc.com>
List: current-users
Date: 01/24/2004 20:33:53

tls@rek.tjls.com (Thor Lancelot Simon) writes:
> Ha! No, you can't use racoon nor isakmpd to talk to a Cisco configured
> that way, because it's using the nonstandard and dangerous XAUTH
> extension to IKE. But what's pretty funny is that using IKE that way
> lets *any* sonic.net customer steal any other sonic.net customer's
> password. [...]

Wow. What a bombshell. Thanks for spotting this f-up. I'll
certainly pass the info on to Sonic. They're a small independent ISP
that prides itself on doing things better than the big big boys. This
will almost certainly make them wince in embarrassment -- hopefully
followed by them reaming Cisco a new one.

-wolfgang
--
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/
The above "From:" address is valid. Don't mess with it.