VPN

These instructions have not been extensively tested; USE THESE INSTRUCTIONS AT YOUR OWN RISK!

Installation

Install the Cisco VPN software, named vpnc. The software is available here, or (and highly recommended) you can use your distribution's package manager to install it.

Once the software is installed, there should be a configuration directory at /etc/vpnc. Enter the settings below into the file default.conf in this directory (you may need to create this file). Since it will contain your username and password, it should be readable and writable only by root.

/etc/vpnc/default.conf:

IPSec gateway vpn.cc.oberlin.edu
IPSec ID OC
IPSec obfuscated secret [secret password]
Xauth username [email username]
Xauth password [email password]


[secret password] needs to be looked up. Go to https://hera.cc.oberlin.edu/cit/downloads/Macosx/Oberlin%20VPN.pcf and look for the string after enc_GroupPwd. This is the secret password; copy it into default.conf.
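
One way to verify that default.conf is accessible only to root, as required above. This is an added example, not part of the original instructions; the function name audit_vpnc_conf is hypothetical, and it assumes a Linux stat that supports -c.

```shell
#!/bin/sh
# Added example (not from the original page): check that a vpnc config file
# holding Xauth credentials is only accessible to its owner.
# audit_vpnc_conf is a hypothetical helper name; assumes Linux stat with -c.

# Usage: audit_vpnc_conf FILE [UID]   (UID defaults to 0, i.e. root)
# Returns 0 if FILE passes, 1 on wrong owner or mode, 2 if it cannot be checked.
audit_vpnc_conf() {
    conf=$1
    want_uid=${2:-0}
    rc=0

    # Refuse symlinks: the target's permissions are what matter, and a
    # link here could point at a file stored somewhere less protected.
    if [ -L "$conf" ] || [ ! -f "$conf" ]; then
        echo "FAIL: $conf is missing, a symlink, or not a regular file"
        return 2
    fi

    uid=$(stat -c '%u' -- "$conf")
    mode=$(stat -c '%a' -- "$conf")

    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $conf is owned by uid $uid, expected $want_uid"
        rc=1
    fi

    # %a prints the octal mode (e.g. 600). The last two digits are the
    # group and other permissions; both must be 0.
    case $mode in
        *00|0) ;;
        *) echo "FAIL: $conf has mode $mode, expected 600 (try: chmod 600 $conf)"
           rc=1 ;;
    esac

    [ "$rc" -eq 0 ] && echo "OK: $conf (uid $uid, mode $mode)"
    return "$rc"
}

# When run as a script with arguments, audit the given file.
if [ "$#" -gt 0 ]; then
    audit_vpnc_conf "$@"
fi
```

Run it as root against /etc/vpnc/default.conf after creating the file; a non-zero exit status means the owner or mode needs fixing before you store the password there.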

Firewall - Shorewall

If you have a firewall on your machine, you may need to open some ports. If you use shorewall, add the following to the shorewall configuration files, which are probably located in /etc/shorewall.

add to interfaces file:
vpn tun0 detect blacklist

add to zones file:
vpn ipv4

add to policy file:
loc vpn ACCEPT info
vpn all DROP info


Firewall - Firestarter

If you use firestarter, add the following to your /etc/firestarter/user-pre file:

VPNGATEWAY=vpn.cc.oberlin.edu
TUNDEV=tun0

iptables -A INPUT -j ACCEPT -s $VPNGATEWAY -p esp
iptables -A INPUT -j ACCEPT -s $VPNGATEWAY -p udp \
    -m multiport --sports isakmp,10000
iptables -A INPUT -j ACCEPT -i $TUNDEV

iptables -A OUTPUT -j ACCEPT -d $VPNGATEWAY -p esp
iptables -A OUTPUT -j ACCEPT -d $VPNGATEWAY -p udp \
    -m multiport --dports isakmp,10000
iptables -A OUTPUT -j ACCEPT -o $TUNDEV


Starting/Stopping

To start using VPN, run:

sudo vpnc-connect

To disconnect from VPN, run:

sudo vpnc-disconnect
© 2008 Oberlin Linux Users Group