VPN setup

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Can anyone help me set up my cisco vpn software? My company doesn't support macs and I haven't the faintest clue how to set the parameters and what not.
 

Queso

Suspended
Mar 4, 2006
11,824
7
Is there are pcf profile file they can give you containing the encryption keys? If so, you can import that to get most of the steps done for you by the VPN software. It's the same profile file that the Windows client uses, so it doesn't matter if your IT don't know anything about Macs.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Well I have the instructions for the windows version although I'm not sure what I can pull from it or how I would even try to input any of the stuff in the mac version of cisco. I'll ask to see if they can give me a copy of the pcf profile file.
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
The Mac version is the same as the PC version, and the setup instructions should be more or less the same (post install).
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Well the way that it's setup for my company is we download it off an ftp server and I guess most of it is configured...here are the instructions with the company info x'd out:
3. Type the following commands, and press enter after each:
a. c:
b. cd \
c. mkdir vpn
d. cd vpn
e. ftp ftp1.xxxxxx.com
4. You should see the following on your screen:
C:\>mkdir vpn
C:\>cd vpn
C:\vpn>ftp ftp1.xxxxxx.com
5. At this point, you should be asked for a username. Type xxxxxxx and press enter.
Connected to ftp1.xxxxxx.com.
220 cftin.xx.xxxxxx.com MultiNet FTP Server Process V4.2(16) at
Thu 7-Nov-2002 2
:09PM-EST
User (ftp1.xxxxxx.com: (none)): xxxxxxx
6. At this point you should be asked for a password. Type xxxxxxxxxx and press enter.
331 User name (xxxxxxx) ok. Password, please.
Password:
7. You will now be at a ftp> prompt. Type the following commands to download the software
a. bin
b. hash
c. get vpnclient_setup.exe
8. You should see the following on your screen:
ftp> bin
200 Type I ok.
ftp> hash
Hash mark printing On ftp: (2048 bytes/hash mark) .
ftp> get vpnclient_setup.exe
200 Port 235.51 at Host xxx.xxx.xxx.xxx accepted.
150 IMAGE retrieve of FTP1$:[VPNSOFT]VPNCLIENT_SETUP.EXE;1
(7982080 bytes) start
ed.
9. Now you should see a lot of ### on your screen, and this process will take a few minutes,
depending on the speed of your connection. When it is completed you should type quit,
and you will see the following:
226 Transfer completed. 7981056 (8) bytes transferred.
ftp: 7981056 bytes received in 1.91Seconds 4187.33Kbytes/sec.
ftp> quit
221 QUIT command received. Goodbye.
C:\vpn>
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
Not a single bit of that is set-up.
It's simply downloading the VPN client from an FTP server. And it won't help you because it's strictly a Windows version of the VPN Client. Unfortunately, Cisco doesn't make their VPN clients readily available to just anyone on the web (unless something has changed?), you will have to try and get a copy of the Mac client for use with the proper VPN server from your IT staff, whether they support Macs or not.

The set-up is the config that they have one do after the VPN client is installed.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Apple Macintosh OS X (Darwin, Panther) VPN Client
(This is the VPN client software you will need)

* Recommended Production Version:
Mac OS X 4.7.00.0510-GUI-k9 File size: 12,304,384
Release Date: Aug 3, 2005
MD5SUM: d6a09015b8636452f85da2ffae67d71a


That's the version I downloaded from my school's website as I still have access to software through them. Is this the wrong version as well?
 

Queso

Suspended
Mar 4, 2006
11,824
7
That's the right client. Install it, then it's just a case of getting the pcf file.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
ok cool, thanks for all the help guys. Once I get the pcf file hopefully I can do it myself if not I'll be back. THANKS AGAIN!!!
 

plinden

macrumors 68040
Apr 8, 2004
3,968
3
peterh2o said:
Apple Macintosh OS X (Darwin, Panther) VPN Client
(This is the VPN client software you will need)

* Recommended Production Version:
Mac OS X 4.7.00.0510-GUI-k9 File size: 12,304,384
Release Date: Aug 3, 2005
MD5SUM: d6a09015b8636452f85da2ffae67d71a


That's the version I downloaded from my school's website as I still have access to software through them. Is this the wrong version as well?
Hmm, do you have an Intel Mac? That version won't work if it is, that's PPC only. You need version 4.9 for Intels. Let me try to find out exactly what version I have. I'll edit this later when I find out.

Edit: You need vpnclient-darwin-4.9.00.0050-universal-k9.dmg for Intel Macs.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Ahhh crap, I guess I should have mentioned that in the beginning...I have a macbook. When I tried using the vpn client last night with the software it wouldn't work but I guess I know why now...I'm a total mac noob
 

plinden

macrumors 68040
Apr 8, 2004
3,968
3
If you google it, you can download it from some edu sites out there. To set it up, you just need to know your Cisco VPN server, group name and password (if applicable to your workplace) and your own username and password. Setup is easy then.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
I've successfully installed vpn and it works but when I try to remote into my computer at work it says it can't connect. Do I need to mess with some settings or what?
 

plinden

macrumors 68040
Apr 8, 2004
3,968
3
What OS is your work computer running?
Remote access to XP is only available for XP Pro. Is that what you have?
Does your IT department allow remote access to internal PCs?
Is remote access on your work computer enabled?
Is the firewall enabled on your work computer? If so, is the firewall configured to allow remote access (actually, I think that's done automatically, but not sure).

Just as a heads up, I was never able to consistently access my Dell laptop from my Mac even with the laptop sitting right beside me, never mind sitting in my office at work. Access through the firewall on it was hit or miss. But I didn't spend much time with trying to access XP, instead set it up to dual boot into Linux, and have no problems accessing it now.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
I know it's running XP but I'm not sure if it's pro or not. I've been able to remote access my comp before but just on a pc laptop. I guess I'll have to check which version it's running tomorrow. What a pain in the @ss. Thanks for the help thus far.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
It's running XP Pro, but I checked the VPN settings I'm using the wrong user group...hoping this is the problem with me being able to remote into my pc. Would the wrong user group affect me from remoting in?
 

Queso

Suspended
Mar 4, 2006
11,824
7
On Cisco VPN concentrators the access is granted on a group basis, but your account is always linked to a group. So if it's accepting your VPN username and password, you should have the same group access you had with your Windows laptop.

One thing I've thought of, are you connecting to your work PC using it's machine name? If so, you need to remember that your Mac is not part of the Windows domain at work, so you will have to add the suffix for the domain to get the correct DNS resolution.
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
dynamicv said:
One thing I've thought of, are you connecting to your work PC using it's machine name? If so, you need to remember that your Mac is not part of the Windows domain at work, so you will have to add the suffix for the domain to get the correct DNS resolution.

That has to be it!!! I'll give that a try when I get home. THANKS!!!
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
That didn't seem to work...Domainname\compname...Am I going to have to resort to bootcamp or parallels?
 

Queso

Suspended
Mar 4, 2006
11,824
7
peterh2o said:
That didn't seem to work...Domainname\compname...Am I going to have to resort to bootcamp or parallels?
That format won't work away from the Microsoft way of doing things. For DNS resolution, you need to enter the "Fully Qualified Domain Name" for the computer, which is written in the format

compname.domaindnsname

In Windows a domain normally has a long name used for DNS, and a short name displayed to the users at logon, but the long name is the only one relevant for getting non-Windows computers to talk to Windows machines.

To find out the long domain name, open up a command prompt on the Windows PC and type "ipconfig /all". The "Primary DNS Suffix" part of the response is normally the long domain name.

So for example, if your Work PC was named PC00100 and the company's domain was ABCCOMPANY.COM, you would type

PC00100.ABCCOMPANY.COM

into the RDP client on the Mac. This does work once you get the format right, so don't go installing BootCamp just yet :)
 

peterh2o

macrumors member
Original poster
Aug 9, 2006
31
0
Sesshi said:
By remoting, what are you trying to do?

Have you enabled SMB/CIFS within Directory Access on the Mac?
I just need to be able to access my work comp in case something comes up when I'm out, ie outlook/email, network drives, proxying into other comps in the office, etc.

dynamicv- I realized that I had the name wrong and after a lil snooping online on the microsoft site it showed me that I need the full name so again I'll have to try it out tonight...I'm so close to detaching myself from windows outside of the office I can taste it!