------------------------------------------------------------ ------------------------------------------------ Return your application via email and reserve your hotel rooms before December 15, 1999! To Networking Product Developers: Cisco invites you to participate in the VPN Interoperability Workshop, January 9-14, 2000, testing IPSec/IKE, L2TP, and PPP features at Paradise Point Resort in San Diego, California. The VPN Workshop combines the tenth CalBUG (formerly CIUG) PPP Interoperability Workshop and the eighth IPSec Interoperability Workshop. The Workshop will be open to companies with products that implement any of the following protocols: IP Security (IPSec) Internet Key Exchange (IKE) IKE-CFG IKE-XAUTH IP Payload Compression (IPComp) L2TP over Transport-Mode IPSec Compression Control Protocol (CCP) with MPPC and MPPE MS Challenge Handshake Authentication Protocol (MS CHAP) Version 2 Extensible Authentication Protocol (EAP) Point to Point Tunneling Protocol (PPTP) PPP over Ethernet (PPPoE) PPP over ATM L2TP over ATM L2TP The Workshop will provide an opportunity to test the interoperability of your products with products from all of the other companies attending. The participating companies are asked to bring products that are released, at beta or near beta level for the protocols
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
------------------------------------------------------------------------------------------------------------ Return your application via email and reserve your hotel rooms before December 15, 1999!
To Networking Product Developers:
Cisco invites you to participate in the VPN Interoperability Workshop, January 9-14, 2000, testing IPSec/IKE, L2TP, and PPP features at Paradise Point Resort in San Diego, California. The VPN Workshop combines the tenth CalBUG (formerly CIUG) PPP Interoperability Workshop and the eighth IPSec Interoperability Workshop.
The Workshop will be open to companies with products that implement any of the following protocols:
IP Security (IPSec)Internet Key Exchange (IKE)IKE-CFGIKE-XAUTHIP Payload Compression (IPComp)L2TP over Transport-Mode IPSecCompression Control Protocol (CCP) with MPPC and MPPEMS Challenge Handshake Authentication Protocol (MS CHAP) Version 2Extensible Authentication Protocol (EAP)Point to Point Tunneling Protocol (PPTP)PPP over Ethernet (PPPoE)PPP over ATML2TP over ATML2TP
The Workshop will provide an opportunity to test the interoperability of your products with products from all of the other companies attending.
The participating companies are asked to bring products that are released, at beta or near beta level for the protocols being tested.
Participants are engineering staff intimately familiar with the software and hardware that implement the capabilities being tested and are expected to have a thorough understanding of the protocols.
This Workshop will be open to only the participants. This is not a spectator event; it is not open to observers. Some participants will be working with unreleased products and the other attendees are expected to respect their privacy.
SPONSORSHIP:
Cisco is the host for the VPN Interoperability Workshop. UUNET, an MCI Worldcom Company will provide the backbone Ethernet network and access to the Internet. Madge will provide ISDN lines and CalBUG (formerly CIUG) will provide infrastructure equipment for the workshop network. Cisco will provide an ATM switch for PPPoATM and L2TPoATM testing.
SCHEDULE:
Sunday, January 9, 2000
12:00 Noon to 8:00 PM Registration and equipment set up by Participants
Monday, January 10, 2000
7:00 AM to 8:00 AM Continental Breakfast8:00 AM to 8:00 PM Testing 12:00 Noon to 1:30 PM Lunch
Tuesday, January 11, 2000
7:00 AM to 8:00 AM Continental Breakfast8:00 AM to 8:00 PM Testing12:00 Noon to 1:30 PM Lunch
Wednesday, January 12, 2000
7:00 AM to 8:00 AM Continental Breakfast8:00 AM to 8:00 PM Testing12:00 Noon to 1:30 PM Lunch4:00 PM to 5:00 PM Pizza 5:00 PM to 7:00 PM Group Meeting
Thursday, January 13, 2000
7:00 AM to 8:00 AM Continental Breakfast8:00 AM to 8:00 PM Testing12:00 Noon to 1:30 PM Lunch
Friday, January 14, 2000
7:00 AM to 8:00 AM Continental Breakfast8:00 AM to 5:00 PM Testing12:00 Noon to 1:30 PM Box Lunch3:00 PM Break Down Facility
FEES:
The charge for the Workshop is $300 per person. The fee is for the entire week and covers the cost of the meals and hotel facility. Each person attending must pay the full amount. There will be no provision for a daily rate for those not attending the entire week. Checks, wire transfers, or credit cards will be accepted. Cash payments are not available. Payment must be received in advance. Refunds will not be made for cancellations after December 15, 1999. Please fill out and return the payment form with your payment. Companies not registered will not be allowed to walk-in.
FACILITIES:
Tables and Power:
Each participating company will be provided one table, 5 Amps of power, and one power strip. Bring additional power strips if you need them. If you know your test setup will require more than 5 Amps please provide that information in advance on the application form and it will be available.
Backbone Ethernet Network:
Each participating company will be provided a single RJ-45 cable attached to the backbone Ethernet network. The backbone Ethernet network will be a set of public class C networks connected to the Internet via a router with all routes configured statically (no dynamic routing).
In the application you will be asked to specify which of the following configurations you will need and the quantity. You may request multiple configurations but you must bring your own switches/hubs and a crossover cable with an RJ-45 to RJ-45 connector to attach more than a single device to the backbone Ethernet network.
Configuration 1: A single IP address with a routed private network address.
A single IP address assigned from the backbone Ethernet network (a public class C network) and a private class C network (to be assigned) with a static route configured in the backbone router to the single IP address.
Configuration 2: A single IP address with a routed private and public network address.
A single IP address assigned from the backbone Ethernet network (a public class C network) with a private class C network (to be assigned) and a public subnetwork (/29 subnet address to be assigned) with a static route for both networks configured in the backbone router to the single IP address.
Note: You can not reach the Internet with private network addresses. If these
configurations do not satisfy your requirements, please contact James Matheke at 614-723-1525 or [email protected].
File Transfer Servers: Servers will be available for file transfers as defined in the test procedures.
CA Certificates: To arrange certificates with CA providers prior to the workshop, please go to the following for details.
Baltimore: [email protected]: http://freecerts.entrust.com/SSH (available in late December): http://isakmp-test.ssh.fi/VeriSign(contact [email protected]): https://onsite-test-fe.bbtest.net/bakeoff/
ISDN Lines: BRI and PRI lines will be provided for testing from a Madge switch. The BRI lines will be provisioned as NI-1 with CSV/D on each B channel. The BRI lines may be either a U or S/T interface. If you request a PRI line, please bring a CSU and the crossover cable to terminate the T1 interface. The PRI lines will be NI-2.
Telephone Service: There will be a telephone on each table in the workshop for voice service provided by a networked PBX.
ATM Circuits: There will be an ATM switch with coax interfaces provided for testing PPP over ATM or L2TP over ATM.
SHIPPING EQUIPMENT TO SAN DIEGO PARADISE POINT RESORT IN SAN DIEGO, CALIFORNIA
Participants will be responsible for bringing workstations and network equipment. You may ship your equipment to:
San Diego Paradise Point Resort1404 W. Vacation RoadSan Diego, CA 92109Telephone: 858-274-4630Attention: Steve Hanger Please mark "Hold for Cisco VPN Workshop"
Schedule your equipment to arrive at Paradise Point Resort between January 3-7, 2000. Please provide shipping information, such as date shipped, tracking number, and number of boxes to Paradise Point Resort so receipt of your shipment may be confirmed and accepted.
IMPORTANT: Please bring the shipping documents for the return of your equipment back to your company. These documents include the carrier form. International shipments must include all appropriate documents, including carrier forms and invoices.
Additionally, please make arrangements with your carrier in advance for pickup of your equipment at the Paradise Point Resort for no later than 5:00 PM on Friday, January 14, 2000. You will be responsible to see that your carrier picks up your equipment.
These two points are very important. Neither Cisco nor the Paradise Point Resort will be able to provide shipping forms or customs forms to you. You have to bring your own. Also neither Cisco nor the Paradise Point Resort will be able to store your equipment past January 14, 2000.
ACCOMMODATIONS:
Be sure to reserve by December 15, 1999, to insure that rooms will be available for you and your group. The block of rooms is available at:
San Diego Paradise Point Resort1404 W. Vacation RoadSan Diego, CA 92109Telephone: 858-274-4630 or 800-344-2626
Register under "Cisco VPN Workshop" to get the discounted Workshop rate of $140.00 plus tax per night.
Rooms are available for check in January 9, 2000 through check out January 14, 2000. Check in time is 4:00 PM and check out time is 12:00 Noon. Should the attendee cancel the reservation within 48 hours of arrival, they are subject to billing of one night's room and tax. Should an attendee depart early from the original check out date, the attendee will be responsible for one night's room and tax.Available room upgrade options:
Lanai single/double $140Lanai Bayview $195Studio Suite Garden $235Studio Suite Bayside $265One Bedroom Suite Garden $275One Bedroom Suite Bayview $310
About San Diego Paradise Point Resort: http://www.paradisepoint.com/
Airport Access:
Airline service is available to Lindbergh International Airport, San Diego, California, USA (SAN). Alternately, you may fly to Los Angeles (LAX), California and drive approximately two hours to San Diego.
Directions from Lindbergh International Airport: Take Harbor Drive North and turn right on Nimitz, follow signs to Mission Bay Park. Right on Ingraham, left at West Vacation
You can take Cloud 9 Shuttle 1-800-9-SHUTTLE from the airport to the hotel for transportation to the hotel for $8.00. From Terminal 1 or Terminal 2 follow the signs to the Ground Transportation Skybridge, proceed to the "Shuttle for Hire" curb and ask the "Transportation Coordinator" for Cloud 9 Shuttle. From the Commuter terminal exit the doors, cross over to the shuttle loading island, and ask the "Transportation Coordinator" for Cloud 9 Shuttle.
SECURITY:
An outside security company has been retained from 8:00 PM until 8:00 AM from January 8-14, 2000. There will be a sign-up procedure for participants wishing to work after 8:00 PM Those wishing to work after 8:00 PM must be present at 8:00 PM for introductions to the security staff of the evening.
PRESS RELEASE:
Cisco plans to make a press release following the workshop. There will be no mention of any specific results of the testing in this release. Please indicate in the application if you want your company's name included in this release as a participant. If you include your public relations person in the application, that contact will be given the opportunity to review the release in advance.
REGISTRATION:
This will be a "self organizing" event. It will be your responsibility to develop your own test schedule and to arrange your own testing partners. This method has worked well in the past and we believe that it provides the most productive environment for testing. In the application you will be asked to list the days you will be available for testing. Please be accurate so everyone has an opportunity to test with you.
Please fill out the Product Section of the application carefully defining the supported capability list for the protocol options you will test at the workshop. We will use the information to put together a binder of data to assist when you are testing with partners.
To register for the VPN Interoperability Workshop fill out the payment form and return it by email to <[email protected]>.
Then fill out the application on this Web site immediately to reserve your place at the workshop.
Send a check made out to the CalBUG for $300 for each participant to:
California Broadband User's Group, PO Box 27901-391, San Francisco, CA 94127
Wire funds to:
California Broadband Users' GroupAccount Number 02882 07752 Bank of America #0288 288 West Portal Avenue, San Francisco, CA 94127 USA ----------------------------------------------------------------------- APPLICATION
PLEASE FILL OUT THIS APPLICATION ON THE WEB SITE
Please enter the name of the Workshop Coordinator who will coordinate your registration. We will send emails to this person to give the latest information on the workshop and to verify your registration.
Company Name: __________________________
Name: __________________________________
Address: _________________________________
__________________________________________
City, State, Zip ________________________________
Country: _____________________________________
Phone: _________________________________
Fax: ___________________________________
Email: _________________________________
Do you want your company's name included in the Cisco press release as a participant? Yes or No
Provide the name, address, phone, fax, and email of your public relations contact. We will give this person an opportunity to review the release in advance.
Names of ALL Participants (including the Workshop Coordinator listed above if they will attend):
The purpose of this survey is to identify supported features so that vendors will know who is implementing what, can know who to discuss the detailed functionality with, and to identify products for more serious compatibility testing later.
Fill out a Product Section to describe supported features for each device or software package you will have at the workshop. If the version is unreleased, indicate 'alpha', 'beta', RC (release candidate) or build number. Options marked with * are advanced features. --- 1---Product Name:
L2TP/IPsec Client Software_____ End to End (Tunnel/Transport) Client_____
Other________________________
=====IPSEC=====IPSEC=====IPSEC=====IPSEC=====
IPSec manual keys SA configuration (keys, SPI, algorithms) (Y/N)
Minimum key length (Y/N)
If yes, key length________________
AH tunnel (Y/N)
AH transport (Y/N)
ESP tunnel (Y/N)
ESP transport (Y/N)
Transport adjacency: applying more than one security protocol to the same IP datagram, without invoking tunneling, eg. [IP][AH][ESP][packet payload] (Y/N)
Nested tunneling from the same box: "Tunneling IPSec in an IPSec tunnel", eg. [IP][IPSec][IP][IPSec][packet payload] where "[IPSec]" could be "[ESP]" or "[AH]" or "[AH][ESP]" and where "[packet payload]" could be a ULP or another entire IP datagram. (Y/N)
Iterated tunneling on same box: "Terminate a tunnel on one interface and forward the packets out on a different tunnel on a different interface" (Y/N)
ESP cipher algorithms-
DES-CBC (Y/N)
3DES (Y/N)
NULL encryption (Y/N)
*RC5 (Y/N)
*CAST (Y/N)
*Blowfish (Y/N)
*IDEA (Y/N)
*DES-X (Y/N)
ESP authenticators-
HMAC-MD-5 (Y/N)
HMAC-SHA-1 (Y/N)
*HMAC RIPEMD-160 (Y/N)
AH algorithms-
HMAC-MD-5 (Y/N)
HMAC-SHA-1 (Y/N)
*HMAC RIPEMD-160 (Y/N)
*IPP Compression Protocol-
LZS (Y/N)
DEFLATE (Y/N)
=====IKE=====IKE=====IKE=====IKE===== IKE=====
IKE Exchanges-
Main/Quick mode (identity protect) (Y/N)
*Aggressive mode (Y/N)
*IKE Config (Y/N)
*XAUTH (Y/N)
*DHCP Inform for internal tunnel config (Y/N)
*New Group Mode (Y/N)
IKE Authentication methods-
Preshared keys (Y/N)
Minimum length (Y/N)
If yes, length_____________
*RSA signature (Y/N)
*DSS signature (Y/N)
*RSA Encryption (Y/N)
*Revised RSA encryption (Y/N)
*GSSAPI-Kerberos v5 (Y/N)
*Base Mode (Y/N)
IKE Key Material-
Groups supported (1,2,3,4,5,others)__________
*Elliptic Curve Groups_____________
*DH-less IKE_________
Main mode PFS (1 MM per quick mode) (Y/N)
Quick mode PFS (Y/N)
Minimum quickmode lifetime (bytes/secs)_________
IKE Encryption algorithms-
DES (Y/N)
3DES (Y/N)
CAST (Y/N)
RC5 (Y/N)
Blowfish (Y/N)
IDEA (Y/N)
Other__________________
IKE Hash algorithms-
MD-5 (Y/N)
SHA-1 (Y/N)
*HMAC RIPEMD-160 optional (Y/N)
IKE Certificates-
*IKE Certificate Validation (Y/N)
Validate subject name against IPSec policy data (Y/N)
Normal operation requires on-line access to CA for enrollment (Y/N)
Certificate Request Payload (Reqd/Optional/Not Used and Ignored)______________
*Certificate chains in band, means exchanged in IKE (Y/N)