More on enctypes vs. VPN

Garrett Wollman wollman at
Sun Oct 12 23:54:58 EDT 2003

In article <200310130024.TAA23718 at>,
John Hascall <john at> wrote:

>   It's not old VPN software, it's some new thing from cisco.

This is a semi-documented limitation in the Cisco VPN server software.
I have been complaining about it to our Cisco SE to no avail.  (Aside
to Sam: Jeff just bought a couple of these.  Can you ask him what, if
anything, he did about this?)  Apparently, des-cbc-md5 is the only
enctype AD supports, and that's the only one they are ever going to
implement.  (This is obviously insane, since they already have all of
the necessary crypto primitives to implement des3-cbc-sha1 which is
what our KDC is doing by default.)

If it helps any, John: I was able to get our VPN 3005 to authenticate
simply by changing a test user's password with a keytype of
des-cbc-md5; while this doesn't help the rest of our users, it
definitely demonstrates that the bug is in Cisco's handling of the
initial AS reply.  (This makes sense, since the thing doesn't verify
tickets; it has no host key.)


Garrett A. Wollman   | As the Constitution endures, persons in every
wollman at  | generation can invoke its principles in their own
Opinions not those of| search for greater freedom.
MIT, LCS, CRS, or NSA| - A. Kennedy, Lawrence v. Texas, 539 U.S. ___ (2003)

More information about the Kerberos mailing list