One way to quickly connect to a Cisco VPN

Jun 29, '09 07:30:00AM

Contributed by: frogmella

In February, this hint explainted how to install vpnc as a replacement for the Cisco VPN client. I finally got it working with a little tweaking and divergence from the original instructions, based in part on follow-up comments.

But what I really wanted was to have my VPN as easy (or easier) to activate than using the (otherwise awful) Cisco application: largely because I use my company's VPN in conjunction with 3G mobile broadband, which has a habit of dropping connection when my commuter train goes through a tunnel, requiring regular reconnection!

I tried using Shimo and vpntool with no success, and finally got it working using the following solution...

  1. Install vpnc using Fink (as per earlshango's suggestion in the original comments). You need to add the 'unstable' repository when you configure Fink, since vpnc isn't considered a stable release yet (but don't worry; it works fine). This will install all dependencies.
  2. Convert the Cisco profile(s) as per original hint.
  3. Ensure that the new conf file(s) are not visible to other users. In Terminal, do this: sudo chmod go-rwx /etc/vpnc/acme_connection.conf. Also make sure that the profiesl have your VPN password embedded in them, with a line as follows: Xauth password your_vpn_password.
  4. Test that everything's working using, for example: sudo /sw/sbin/vpnc /etc/vpnc/acme_connection.conf.
  5. Configure sudo to allow your normal account (in my case a non-admin one) to launch vpnc. I did this by running visudo as an admin user, and adding aliases as follows in the relevant sections of the file:
    User_Alias ME = frogmella, WIN_DOMAINfrogmella
    Cmnd_Alias VPNC = /sw/sbin/vpnc, /sw/sbin/vpnc-disconnect
    ME ALL = NOPASSWD: VPNC
  6. Make shell scripts in your ~/Library/Scripts folder: one to connect to each VPN you use, and one to disconnect anything. For example:

    VPN - Connect to Acme script:
    #!/bin/bash
    sudo /sw/sbin/vpnc /etc/vpnc/acme_connection.conf
    VPN - Disconnect from all script:
    #!/bin/bash
    sudo /sw/sbin/vpnc-disconnect
  7. Run AppleScript Utility (in the Utilities folder) and check Show Script Menu in Menu Bar. The newly-created shell scripts should now show in the Scripts menu. So now you have a one-click solution for connecting and disconnecting.
[robg adds: I haven't tested this one.]

Comments (11)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20090625012729678