The proprietary CiscoVPN Mac client is kinds buggy It is possible to use the IPSec VPN software included with Mac OS X instead. This tutorial shows you how to migrate from CiscoVPN to the native OS X IPSec VPN by decrypting passwords saved in CiscoVPN PCF files.

Advertisment

Please visit these guys if their offer interests you - they make this site possible.

1. Open Network Prefrences

Open up your System Prefrences and select "Network". Click on the little + button at the bottom of the window to create a new connection.

2. Creating a New VPN Connection

Pick "VPN" for the Interface and set its type to "Cisco IPSec". It doesn't matter what you set as the service name.

3. Set Your Server Address and Account Name

Copy the "Host" setting from CiscoVPN...

to the "Server Address" setting in your System Prefrences" and enter your username under "Account Name". You probably don't want to enter your password unless you are OK with the system saving it.

4. Find Your PCF File

On Mac OS X, PCF files are usually found in /private/etc/CiscoSystemsVPNClient/Profiles. Open up /Applications/Terminal and type the following:

cd /private/etc/CiscoSystemsVPNClient/Profiles
cat *.pcf

You should get something like this:

5. Get Your Encrypted Group Password

Find that long list of letters and numbers after enc_GroupPwd= and copy it. Also make note of the GroupName - you'll need that in a bit as well.

6. Decrypt Your Group Password

Paste that sequence of characters into the fancy schmancy decoder ring below and click "Decode". (pops up a new window)

Fancy Schmancy Decoder Ring

As an example, this should return "letmein" as the password:

Thanks to HAL-9000 at evilscientists.de and Massar's work on cisco-decrypt.c for the magic here.

7. Enter your Shared Secret and Group Name

Click "Authentication Settings" back in the Network Prefrences screen. Enter the resulting decoded password into the "Shared Secret" section of the new VPN connection and set the GroupName from above as well.