Looks like Cisco uses a proprietary kext, so you need the client.
My university has a Cisco VPN server, and they push the Cisco VPN client on us (naturally).
I would, however, much prefer to use Mac OS X's integrated VPN subsystem, if possible. I do have a preconfiguration file (.pcf) which is thankfully plain-text.
I've used my best guesses and transferred data like so:
(PCF directive) > (System Preferences field)
Host > Server Address
Account name > my username (not in PCF)
enc_GroupPwd > Authentication Settings::Machine Authentication::Shared Secret
UserPassword > Authentication Settings::User Authentication::Password (not in PCF)
GroupName > Group Name
And even after all of that, I get a message saying that I am not connected.
Is this because I have left out a piece of configuration, or because the Mac OS X subsystem is not compatible with Cisco's (proprietary?) VPN server?
Also, system.log says
PS No point suggesting that I ask for more info from IT, because that's what my original request was, and I got a form email with a link to the clientCode:Jan 30 11:01:25 iBook pppd: pppd 2.4.2 (Apple version 314) started by root, uid 501 Jan 30 11:01:25 iBook pppd: L2TP connecting to server 'vpn-server-address.com' (134.xxx.xxx.xxx)... Jan 30 11:01:32 iBook pppd: IPSec connection started Jan 30 11:01:45 iBook pppd: IPSec connection failed
Last edited by michaelsanford; January 30th, 2008 at 10:03 AM.
link to a Mac OS X port farther down in the page) which will work specifically with Cisco VPN servers. However, unlike the Cisco VPN client you can't access regular Internet because vpnc would need some way to loopback the DNS redirections. Cisco's client already has this feature built into its client. The open source version works, but when accessing local stuff over the internet you won't be able to.
Hope that's clear to understand...
• Apple iMac G5 17" (2 GHz G5) - Mac OS X 10.5.8/Ubuntu 10.04
• Asus Eee PC 901 (1.6 GHz Atom N270) - Fedora 13
• Apple Macintosh Quadra 650 (33 MHz MC68040) - Mac OS 8.1
• "JHVH-1" (2 GHz AMD Athlon XP 2400+) - Slackware 13.1
The latest Cisco client is available here:
You (may) need to uninstall the VPN client via Terminal (sudo /usr/local/bin/vpn_uninstall) then reinstall the latest universal binary.
I don't quite understand why you care about what VPN client you have to use - its just a tool to get the job done, which is to give you the remote access you need.
Thanks for the tip.
And for me, using the other client isn't the end of the world, I just somewhat dislike installing an application to do something that I already have a tool for (it just doesn't work). I like to make use of my system's features. But in the end you're right, it is just a tool to get remote connectivity.
I find it generally easier to follow a supported model (hey, if you can get someone else to do the work for you ...) and in the case of VPN, there are often proprietary protocols and extensions that make a common universal solution less feasible.
I just learned that about VPN. I also like your reasoning for adhering to the supported model
One thing I was really interested in was VPN support with the DD-WRT installation on my linksys, only to find that it doesn't come with the version (micro) suitable for my model. Silly VPN...