VPNC on OSX and Cisco issue

OSX Cisco issue
OSX Cisco issue

Message error :

The VPN Shared Secret is incorrect.

If you are hitting this issue with builtin “Cisco Systems VPN Client” on Mountain Lion OSX you can try to use VPNC (OSX Cisco client) installing it from source code … or using MacPorts.
The main advantage to use MacPorts is that it is easy to use and you have access to other ported programs.
The main disadvantages you have to install some softwares (such as Xcode).

Here steps for VPNC from MacPorts.

#0 Install “XCode” and “Apple’s Command Line Developer Tools”

Download & Install both from :
alternatively … Xcode can be installed by AppStore :

and “Apple’s Command Line Developer Tools” can be installed directly by XCode

#1 Install MacPorts

#1.a download PKG for your platform (here Mountain Lion)
#1.b run MacPorts-2.1.3-10.8-MountainLion.pkg
#1.c  in Terminal execute command : sudo port -v selfupdate
(optional in order to get auto update of release)

if you need details : http://www.macports.org/install.php

#2 Install VPNC on OSX

Just to let you know all available ported pkgs are here:
Btw about VPNC by Terminal run command :

#> port search vpnc
vpnc @0.5.3 (net) client for cisco vpn concentrato 
#> sudo port install vpnc 

(Others commands for MacPorts : http://guide.macports.org/#using.port)

#3 Configure

MacPorts installs cfg under /opt/local/etc/vpnc

#> cd /opt/local/etc/vpnc
#> sudo cp default.conf myvpn.conf

now  myvpn.conf  contains :

IPSec gateway <gateway>
IPSec ID <group-id>
IPSec secret <group-psk>
IKE Authmode hybrid
Xauth username <username>
Xauth password <password>

Fill the file myvpn.conf with connection params :

IPSec gateway
IPSec ID myGroupName
IPSec secret myPasswordGroup
IKE Authmode psk
Xauth username giovanni
Xauth password myPassword

In some cases, for security reasons,  you could need to use obfuscated secret like:
IPSec obfuscated secret 92BCAB1AAAAAA487633FF675C4F75F42C80849434FFDB940D7694
(IPSec obfuscated secret instead of IPSec secret ….)

I didn’t find any online encoder but you can use enc_GroupPwd which is present in pcf file from CiscoClient

Online IPSEC secret decoder (vpnclient password decoder):

#4 Run VPNC and ISSUE

#> sudo vpnc myvpn
can't initialise tunnel interface: No such file or directory

Now this happen because /dev/tun* aren’t created despite package tuntaposx is installed by MacPorts …
I don’t know why MacPorts doesn’t provide to do this maybe Kernel extension isn’t correctly under /Library/Extensions/Library/StartupItems/
You can try to fix that or install manually tuntap osx :

after installed tuntaposx:

#> ls /dev/tun*
    /dev/tun0       /dev/tun10      /dev/tun12      /dev/tun14      /dev/tun2       /dev/tun4       /dev/tun6       /dev/tun8
    /dev/tun1       /dev/tun11      /dev/tun13      /dev/tun15      /dev/tun3       /dev/tun5       /dev/tun7       /dev/tun9

#> ls /Library/StartupItems/
    tap             tun

#> ls /Library/Extensions/
    tap.kext        tun.kext

Now you can run VPNC

User Review
0 (0 votes)