Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Connect the MacOSX 10.4.10 L2TP client with Cisco router

Has anyone managed to connect with Mac's L2TP client to a Cisco (1812W) router with IOS 12.4T? I have found a bug in the l2tp client of Mac which does not handle newer L2TP AVPs. However, the L2TP server on the router sends "56 PPPoE Relay Response Capability" and "57 PPPoE Relay Forward Capability" which will cause the Mac client to abort immediately.

It seems to me as if the L2TP client on MacOSX simply does not work with Cisco routers running 12.4(T).

The Windows client connects just fine.

I am currently looking whether it is possible to prevent the router from sending these AVPs but I have not found anything, yet.

Does anyone use the MacOSX client to connect successfully or knows a way how to disable those AVPs on the router?

5 REPLIES
Bronze

Re: Connect the MacOSX 10.4.10 L2TP client with Cisco router

The VPN client should be able to connect to an IOS router without an issue. I have sent you a URL on setting this up as well as a sample configuration for your review. The MAC OSX client install should be the same as the 3.6 client.

http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/nonwin35/user_gd/index.htm

http://www.cisco.com/warp/public/471/ipsecrouter_vpn.html

New Member

Re: Connect the MacOSX 10.4.10 L2TP client with Cisco router

I know that the Cisco VPN Client connects to the router. I use the client myself. The point of using the L2TP client was to connect to the router with a client which comes with the OS and not being required to install another software.

New Member

Re: Connect the MacOSX 10.4.10 L2TP client with Cisco router

FWIW, the native OSX client works with PIX/ASA, but panther won't work with NAT-T (tiger will.)

I doubt you'll be able to disable the AVPs. I hope they don't break this in the PIX image as well.

New Member

Re: Connect the MacOSX 10.4.10 L2TP client with Cisco router

I have not found anything, yet, to disable the AVPs. Technically, they are O.K. and RFC compliant. The Tiger L2TP client does not recognize them. But what is worse: instead of ignoring them properly they try to check the size of the AVP against a static array which contains the expected sizes for all AVPs from the original RFC. Obviously accessing this array with an index larger then the array size results in random results or even a crash.

Thus, I don't think it is a problem of Cisco. I don't think they can "break this". What they do is RFC compliant. It is a bug of tiger. I just was wondering why noone noticed this problem yet. But I guess Cisco added those AVPs not long ago and I run pretty much the latest IOS version here.

Well, tomorrow I will get Leopard and will see if they have fixed this there or not.

New Member

Re: Connect the MacOSX 10.4.10 L2TP client with Cisco router

I was hoping they have fixed this in Leopard. But unfortunately no difference...

154
Views
0
Helpful
5
Replies
CreatePlease login to create content