Help me get my Mac connected to my company's VPN.
August 30, 2011 9:18 PM   Subscribe

Help me get my Mac connected to my company's VPN.

I'm running a Mac Book Pro with Lion (10.7.1). I'm one of two or three Mac users at my company, of approx 40 people with minimal IT support (and the IT support we do have is Mac-phobic). The Cisco VPN client that I ran on Snow Leopard (32-bit) now no longer works on Lion (64-bit). Our VPN protocol is IPSec.

I would like to get a VPN client that allows me to our network. I followed instructions for connecting through the Mac System Preferences as outlined here and here. Neither worked -- server connection times-out.

I tried another solution, downloading the AnyConnect VPN client from Cisco, as described in the Cisco Support Forumhere and here. I even read the AnyConnect release notes. (The release notes even have a specific mention of Lion, which I followed.) No luck with that either -- login failures and server connection times-out.

I'm pretty sure I have all my credentials correct -- network address, group name, shared secret, user name and password. So what gives? Is it not possible to connect to a VPN over IPSec on a 64-bit Mac? Is there something on the server side (which I have access to) that I need to do?

Side Question: One work-around is that I can boot Lion in 32-bit mode and use my old Cisco VPN client. But I'm not sure if I want to set my machine to run Lion in 32-bit all the time. Are there any drawbacks of run 32-bit instead of 64-bit? Do I gain anything by running 64-bit Lion? I do everything from editing large Photoshop files to working with large datasets Excel, to running emulation software, to batch processing hundreds of files. What would I lose of I just set my MPB to boot in 32-bit as described here?
posted by slogger to Computers & Internet (9 answers total) 2 users marked this as a favorite
Can you set the CiscoVPN or AnyConnect VPN client to run in 32-bit mode, instead? Click on the application icon, press Cmd-I to bring up the information window. Click on the checkmark next to "Open in 32-bit mode".

As to what you lose booting in 32-bit mode, instead of setting this mode on a per-app basis: Large file support, mostly, along with slightly better general app performance (including Photoshop). Excel will probably run out of memory before the computer does, though.
posted by Blazecock Pileon at 9:48 PM on August 30, 2011

Have you checked your firewall settings in OS X?
posted by zippy at 10:53 PM on August 30, 2011

I've used IPSecuritas to connect to both Checkpoint and Cisco IPSEC vpns with good luck on the last four or five versions of OS X (including Lion).
posted by togdon at 11:07 PM on August 30, 2011

Are you sure you need a client for this VPN?

Since 10.5 or 10.6, Mac OS X has had built-in support for Cisco VPNs. It's way better than the Cisco stuff.

If you do need a client, check out Shimo.
posted by krilli at 2:13 AM on August 31, 2011

I use the built in VPN client on 10.6 to connect to our Cisco IPSec VPN, and several of my coworkers use it in 10.7. This will probably get you close - Setting up a connection to a virtual private network. This may be useful also - Mac OS X 10.6 (Snow Leopard) Built-in VPN Setup.

I used both of these to get going, but I had to contact our network admin for some of the settings, such as the shared secret. Mac-phobic or not, your IT guys should be able to provide you with the configuration options you need.
posted by ralan at 4:38 AM on August 31, 2011

Blazecock: You're talking about the Get Info window? I see no such check box there (or in the Get Info window for any application).

zippy: I have not checked my firewall settings, but suspect that this is not the issue, because I can successfully connect to the VPN using the Cisco client when I boot in 32-bit mode.

togdon: I tried IPSecuritas. Some of the setup, especially the server-side instructions, went a bit over my head. I'm afraid to dig too deep on the server side stuff for fear of bringing down the company network.

krilli and ralan: I have tried configuring the VPN settings through the Network Settings and get the following error: "The VPN server did not respond. Verify the server address and try reconnecting." I am pretty certain that I have the correct address, group name and shared secret. I'm going to try Shimo too, but at this point I am not very hopeful.
posted by slogger at 6:58 AM on August 31, 2011

Here's a workaround for the known issue of Mac OS X 10.7 and Cisco VPN. As an alternate (if I'm parsing the linked advice correctly) to booting into 32-bit mode you can:

"Configure the Mac OS X built-in VPN client to connect to the UCLA VPN using any one of the following protocols: PPTP or Cisco IPSEC"
posted by zippy at 1:41 PM on August 31, 2011

Zippy makes a good point - are you using the correct VPN Type? I have to use the L2TP over IPSec, but there are two other options to choose from - PPTP and Cisco IPSec. See if you have better results with whatever VPN type you're not using.
posted by ralan at 3:26 PM on August 31, 2011

Yeah, I've tried all three VPN types -- IPSec, L2TP over IPSec and that are available in the Network panel under System Preferences. Nada.

After asking here, writing to the guys at Mac Geek Gab, posting in the Apple support forums and digging through the Cisco support forums, I am finally giving up. Thanks to everyone who tried to help.
posted by slogger at 5:54 AM on September 1, 2011

« Older How do people who work as psychics actually do it?   |   Help me buy a winter beater Newer »
This thread is closed to new comments.