Install vpnc as a replacement for the Cisco VPN client

Feb 20, '09 07:30:02AM

Contributed by: Anonymous

Here's how to build vpnc as a drop-in replacement for the Cisco VPN client. Why on earth would I want to do this? Because, in my opinion, Cisco's client is a pretty poor piece of software, you shouldn't have to have a Cisco contract to download the thing, and I am a big proponent of open source software.

This process has been tested under Mac OS X 10.5.5 and Ubuntu Intrepid 64 bit, and it's written up in detail on this page on my site. Here's the executive summary version: Requirements:

Required software: Read on for the short version of the installation instructions...

For greater detail on each of the following steps, see the full instructions on my site. If you've got Unix experience, though, this version should be enough to get you going:

  1. Download, compile (if necessary), and install libgpg-error, libgcrypt, vpnc, and TunTap.
  2. Start TunTap using the tun and tap scripts in the /Library/Startup Items folder.
  3. Copy and Convert the Cisco Profiles. For this example, we'll assume the profiles are installed in /etc/opt/cisco-vpnclient/Profiles, which is standard on OS X. Run these commands in Terminal:
    $ sudo cp -R /etc/opt/cisco-vpnclient/Profiles ~
    $ cd ~/Profiles
    $ curl -O http://www.gdanko.net/convert_profiles.sh
    $ sudo sh ~/Profiles/convert_profiles.sh
  4. Download and install a simple launcher I wrote:
    $ cd /usr/local/bin
    $ sudo curl -O http://www.gdanko.net/vpnc_launcher.txt
    $ sudo mv vpnc_launcher.txt vpnc_launcher.php
    $ sudo chmod 755 vpnc_launcher.php
Whew! We're finished. The client and its prerequisites are installed, and the Cisco profiles have been converted over. It's time to test our VPN client. To use the client, launch it by typing sudo vpnc_launcher.pl in Terminal. You should see something like the following:
Unix VPN Connection Utility (new and improved!)
Available VPN Servers:

[1] Bangalore
[2] Dallas
[3] NewYork

Please select a VPN to connect to: 3

Connecting to NewYork...
Enter username for vpn.newyork.foo.com: myname
Enter password for myname@vpn.newyork.foo.com: mypass
add net x.x.x.x: gateway x.x.x.x
add host x.x.x.x: gateway x.x.x.x
delete net default
add net default: gateway x.x.x.x
VPNC started in background (pid: 7557)...
bash-3.2$ vpnc-disconnect
Terminating vpnc daemon (pid: 7557)
That's it, we're done!

[robg adds: In testing this, I was able to download, compile, and install all the components, and convert my Cisco profiles. However, I wasn't able to successfully connect to Macworld's VPN. The problem is probably a configuration issue on my end with vpnc, but I haven't had time to delve into it yet.

In case the two required files on the linked site ever go away, I've mirrored them here on macosxhints: convert_profiles.shvpnc_launcher.txt.]

Comments (9)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20090220063523591