I've got 2 SA 540's. Site to site setup was a breeze, but i've still got issues. I'm disappointed by the fact the the ipsec vpn doesn't appear to support the cisco client, and thus the iphone (no place to put a security group name). So I've got some questions if anybody knows the answers:
1. How do i use a second public ip address for ssl and ipsec vpn traffic? My first ip address is being used for nat and port forwarding to servers and i don't want to change this, because i'll have to make dns changes that could potentially affect mail flow. my secondary public ip addresses are neither on the same subnet nor do they have the same gateway as my primary public ip addresses.
2. Is support for the traditional ipsec cisco vpn client (same one used in iphone) on the roadmap? If not, is some sort of iphone solution on the roadmap?
3. Is there any way to telnet into the device for CLI like capabilities? The Administration guide seems to indicate that there is, but I can't get into the SA 540with telnet, telnet/s, or ssh.
4. Is supporting spaces and other characters like periods in user names for users on the roadmap? I am currently having to use a replacement setting for user-id on my radius servers that changes email address into full usernames. usernames on this network have spaces and periods. i can't use email address to logon because the radius servers automatically prepend the domain\ to the user id and i can't figure out how to get that out. this might also potentially solve the issue.
thanks in advance for any help.
oh, and i've got a list of xbox ports if anyone needs them. it's longer than what most sites lead you to believe. i was able to go from strict to open on a 1760.