Cisco VPN Client Readme file
============================

This file describes the contents of the Cisco VPN Client files for the
Linux platform

Refer to the Bug Navigator on Cisco Connection Online for open issues:
http://www.cisco.com/support/bugtools/bugtool.shtml

Revision: Release 4.6.03.0190
Files:    vpnclient-linux-x86_64-4.6.03.0190-k9.tar.gz
Contents:

New Features

  This release is a Beta for the VPN Client installed on biarch* linux
  systems for x86_64 platforms. The client is NOT compatible with pure
  64-bit operating systems.

  The client operates on both 32-bit i386 and biarch x86_64 operating
  systems. On i386 32-bit operating systems, this release is not
  considered a Beta.

  The VPN Client now requires GLIBC_2.2 and libstdc++.so.5.
  Distributions like RedHat 9 and SuSe 9 comply with these requirements.

  * biarch = 64-bit kernel that allows execution of 32-bit applications.

Resolved Issues

  CSCeh39564 unity linux non-ether hw address (512)
  CSCeh40276 virtual adapter host routes point through the va
  CSCeh41571 unity linux isdn over va fails to pass traffic
  CSCeh51889 unity linux builds with newer kernels fail
  CSCeh53258 unity linux config.h should be deleted kernel header userland bad
  CSCeh65770 unity linux should set rp_filter to 0 during connection
  CSCeh74933 unity linux overlapping cipsec0 with concentrator mask fails

Unresolved Issues

  CSCei03756 unity application unable to communicate error message

Revision: Release 4.6 Rel
Files:    vpnclient-linux-4.6.02.0030.Rel-k9.tar.gz
Contents:

  - See Release Notes for Release 4.6 Rel at:
    http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/index.htm

# Firewall configuration written by Cisco Systems
# Designed for the Linux VPN Client 4.6.03.0190 Virtual Adapter
# Blocks ALL traffic on eth0 except for tunneled traffic
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Allow all traffic in both directions through the VA adapter
-A INPUT -i cipsec0 -j ACCEPT
-A OUTPUT -o cipsec0 -j ACCEPT
# Accept all encrypted VPN Client traffic in either direction on eth0
-A INPUT -i eth0 -p udp -s 0/0 --sport 500 -d 0/0 --dport 500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 500 -d 0/0 --dport 500 -j ACCEPT
-A INPUT -i eth0 -p udp -s 0/0 --sport 4500 -d 0/0 --dport 4500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 4500 -d 0/0 --dport 4500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 1024: -d 0/0 --dport 29747 -j ACCEPT
# Block all other traffic in either direction on eth0
-A INPUT -i eth0 -j REJECT
-A OUTPUT -o eth0 -j REJECT
COMMIT
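
Added example (not part of the Cisco README): a small Python first-match evaluator for the firewall rules above, for checking which packets the ruleset accepts or rejects without loading it into the kernel. It models only the options this file uses; the interface name wlan0 in the demo is an assumed second interface that the rules do not mention.

```python
import shlex

# Rules copied from the README's firewall file (comment lines omitted).
RULESET = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i cipsec0 -j ACCEPT
-A OUTPUT -o cipsec0 -j ACCEPT
-A INPUT -i eth0 -p udp -s 0/0 --sport 500 -d 0/0 --dport 500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 500 -d 0/0 --dport 500 -j ACCEPT
-A INPUT -i eth0 -p udp -s 0/0 --sport 4500 -d 0/0 --dport 4500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 4500 -d 0/0 --dport 4500 -j ACCEPT
-A OUTPUT -o eth0 -p udp -s 0/0 --sport 1024: -d 0/0 --dport 29747 -j ACCEPT
-A INPUT -i eth0 -j REJECT
-A OUTPUT -o eth0 -j REJECT
COMMIT
"""

def parse(text):
    """Split iptables-save text into chain policies and an ordered rule list."""
    policies, rules = {}, []
    for tok in map(shlex.split, text.splitlines()):
        if tok and tok[0].startswith(":"):
            policies[tok[0][1:]] = tok[1]
        elif tok and tok[0] == "-A":  # every option in this file takes one argument
            rules.append((tok[1], dict(zip(tok[2::2], tok[3::2]))))
    return policies, rules

def port_ok(spec, port):
    """Match 'N' or a range 'LO:HI'; an absent spec matches anything."""
    if spec is None:
        return True
    lo, sep, hi = spec.partition(":")
    return port is not None and int(lo or 0) <= port <= int((hi if sep else lo) or 65535)

def verdict(chain, iface, proto, sport=None, dport=None):
    """First matching rule decides; otherwise the chain policy applies.
    Addresses are ignored because every rule here uses 0/0 (any)."""
    for rchain, o in RULES:
        if (rchain == chain and o.get("-i", o.get("-o", iface)) == iface
                and o.get("-p", proto) == proto
                and port_ok(o.get("--sport"), sport) and port_ok(o.get("--dport"), dport)):
            return o["-j"]
    return POLICIES[chain]

POLICIES, RULES = parse(RULESET)

if __name__ == "__main__":  # wlan0 is an assumed interface, not named in the README
    for iface in ("eth0", "cipsec0", "wlan0"):
        print(iface, verdict("OUTPUT", iface, "udp", 40000, 53))
```

Because all three chain policies are ACCEPT and every REJECT rule names eth0, a packet on any interface other than eth0 or cipsec0 falls through to the policy and is accepted.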