diff options
Diffstat (limited to 'security/openconnect')
| -rw-r--r-- | security/openconnect/pkg-descr | 18 | ||||
| -rw-r--r-- | security/openconnect/pkg-message | 13 |
2 files changed, 17 insertions, 14 deletions
diff --git a/security/openconnect/pkg-descr b/security/openconnect/pkg-descr index 4b766eee2fb0..12e71d22f9c4 100644 --- a/security/openconnect/pkg-descr +++ b/security/openconnect/pkg-descr @@ -1,9 +1,13 @@ -OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is -supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, -1800, 2800, 3800, 7200 Series and Cisco 7301 Routers. +Cisco's implementation of the DTLS protocol unfortunately does not +comply with the relevant standards, and the OpenSSL in FreeBSD's +base requires a patch to provide full interoperability. You will +still be able to establish a tunnel, but all traffic will be +transmitted via an HTTPS connection. This means that any packet +loss on your link will result in a significant detriment to the +speed of your VPN connection. -Like vpnc, OpenConnect is not officially supported by, or -associated in any way with, Cisco Systems. It just happens to -interoperate with their equipment. +Note that versions of FreeBSD older than 8.0 will require a small +number of additional patches, due to the older version of OpenSSL +included in their base. -WWW: http://www.infradead.org/openconnect.html +More information is included in README.DTLS. diff --git a/security/openconnect/pkg-message b/security/openconnect/pkg-message index c0771de81e7e..1a9edab74256 100644 --- a/security/openconnect/pkg-message +++ b/security/openconnect/pkg-message @@ -1,10 +1,9 @@ Cisco's implementation of the DTLS protocol unfortunately does not -comply with the relevant standards. OpenSSL must be patched to -provide full compliance with their implementation, and due to the -older release of OpenSSL in the FreeBSD base, there are additional -patches that must be applied to achieve the same goal. Though -OpenConnect will still function, all traffic will be passed over -an HTTPS connection. Should there be any packet loss on your -link, your VPN connection will suffer greatly. +comply with the relevant standards, and the OpenSSL in FreeBSD's +base requires a patch to provide full interoperability. You will +still be able to establish a tunnel, but all traffic will be +transmitted via an HTTPS connection. This means that any packet +loss on your link will result in a significant detriment to the +speed of your VPN connection. More information is included in README.DTLS. |