Quick Info DoIT Home Forms Forwarding your e-mail Help Desk Service Request Internet Account Request Password Change Server Maintenance Schedule Technical Support Documentation

Cisco's VPN Client 4.x for Macintosh OS X 10.2 through 10.5

---

Table of Contents

What is a VPN and who can use it
Installation
Configuration
Making Your VPN Connection
Disconnecting

---

What is a VPN and who can use it

Some networked university resources available to faculty and staff can only be accessed from a computer using a San Francisco State University IP Address.  Among other things, this includes access to departmental Local Area Networks.  Networked computers on campus always have an SFSU IP address, while computers connected to the Internet through a commercial ISP (Internet Service Provider) do not have an SFSU IP address.  In other words, if you connect to the Internet from off campus using a commercial ISP you do not have access to certain on-campus resources.  A VPN, or Virtual Private Network, makes a second connection to the Internet through an existing connection. The second connection is assigned a second IP address by a VPN server.   Using Cisco's VPN client, faculty and staff can make a VPN connection to the university and be assigned an SFSU IP address.   As an additional benefit, information passed through the VPN is encrypted from the client machine (your computer) to the VPN server.

Cisco VPN access has four requirements:

• You must be employed as faculty or staff at San Francisco State University.
• You must install and configure the Cisco VPN Client on your computer.
• Your Internet connection must be  through a non-SFSU provider or through the campus-wide wireless network.
• You must have a San Francisco State University email/Internet account.

Benefits

• Access to networked resources available only to computers using a San Francisco State University IP address.
• Sensitive information (e.g., your LAN password) is encrypted using the IPSec protocol while passing through the VPN.  This provides security between your off campus computer and our on campus VPN server.

TOP OF PAGE

---

Installation

1.  For MacOS X 10.4 or 10.5, click on the Download Cisco VPN Client 4.9.01... button.  For Mac OS X 10.2 or 10.3, click on the Download Cisco VPN Client 4.7... button.  MacOS X 10.0 and 10.1 are not supported.  You will need to enter your University ID number and PAC number, then save the client installer onto your desktop. 
 


2.  Double click on vpnclient4.9..01.dmg (OSX 10.4 or 10.5) or vnpclient4.7.dmg (OSX 10.2 or 10.3) to mount a disk image on the desktop named CiscoVPNClient then double click the disk image icon on the desktop to open the disk image.


3.  Double click the Cisco VPN Client.mpkg icon to initiate the installer.  On some versions of Mac OS X, the installer will ask for you to enter your username and password for the computer before you can continue with the installation.


4.  The first dialog tells you the minimum version of Mac OS X you need to install the VPN client.  If you have Mac OS X version 10.4 or 10.5 you should be using the Cisco VPN 4.9.01 installer and this screen will specify Mac OS X version 10.4 or greater. If you have Mac OS X 10.2 or 10.3 you should be using the Cisco VPN 4.7 installer and this screen will specify Mac OS X version 10.2 or greater.


5a.  In the next dialog box will be the Software License Agreement.  Read the Terms of the license, click continue.


5b.  Another smaller dialog box will appear and prompt if you agree or disagree to the license.  If you agree to the terms, click Agree.


6.  Select your primary hard drive in the next dialog box.  If you have multiple drives or have disk images mounted, these will be displayed at this time.  Choose your primary (main) hard drive.  Note that this screen tells you how much disk space you need for the version of the installer you are using.


7.  Click Install.


8.  Next, a dialog box will prompt for your username and password to your computer.  This user must have administrative rights to the Macintosh.


9.  If the installation was successful, you will see the following screen and should click Close.


10.  The next step will be to configure the VPN client.

TOP OF PAGE

---

Configuration

1. Locate the VPN Client. ( In OS X 10.2 and 10.3 the icon displays "VPN" instead of "CISCO" ) It should reside in your Applications folder.  For your convenience, you may want to drag the VPN Client icon to your dock.  In the future you will be able to launch the VPN client from that location. 
2. Launch the VPN client.
   
3. Click on the "New" icon to open a "Create New VPN Connection Entry" window.
   
   
4. Fill in the top three fields of the "Create New VPN Connection Entry" window as follows:
   1. Connection Entry:  SFSUVPN        note: there is no space between SFSU and VPN
      
   2. Description:  Secure VPN to SFSU
   3. Host:  130.212.199.5
      
5. Select the Authentication tab, enable Group Authentication, then enter the following settings:
   1. Name: vpnuser
   2. Password: sfsu
   3. Confirm Password: sfsu   (Note:  You will see "****" where you type in "sfsu")
      
      
6. Select the Transport tab.  Verify that:
   1. "Enable Transparent Tunneling" is checked.
   2. "IPSec over UDP (NAT / PAT) is selected.
      
      
   3. Click on "Save" to save the configuration for your SFSU VPN connection entry and return to the main "VPN Client" window.  You should see "SFSUVPN" listed as an entry under the "Connection Entry" column.
      
7. If you are installing version 4.7 in OS X 10.2 or 10.3, reboot your machine after the installation is complete.
   

TOP OF PAGE

---

Making your VPN connection

1. If you use a dial-up modem to connect to the Internet, make your Internet connection before opening the Cisco VPN Client.
2. Open the VPN Client by clicking on the VPN icon that you created in the Dock or by clicking on the VPN icon in the Applications folder.  
3. Select the connection entry that was created earlier and click "Connect"  in the Cisco VPN client dialog box.


4. Once a connection is made, you will be prompted for your username and password in an authentication window.  Use your San Francisco State University email account name and password.  Remember, your account name does not include the "@sfsu.edu" that is in your email address.  Click on "OK" to continue.
   
5. After a valid authentication, banner window opens welcoming you to San Francico State University.  Click on "Continue" to close it.
   
   
6. Once you are connected, there will be a picture of a lock next to your "Connection Entry" 
   .  The "Connect" button will also be transformed into "Disconnect".  When finished using the VPN,  click the "Disconnect" button and the VPN connection will be terminated.
   
   
7. Disconnects Due to Timeouts!
   1. You will be disconnected if you don't transfer information over your VPN connection for more than one hour.
   2. You will be disconnected three hours after you make your VPN connection.
   3. You can double-click on the  "unlocked padlock" icon on the task bar to open the VPN Client window then reconnect.

TOP OF PAGE

---

HOME

---

Site Home | What We Do | Help Desk | Account Services | Software | Hardware | Network
Telephone Services | Training | Computer Labs | Web Publishing | Policies | Sitemap | Contact Us

---

Last Modified: 09 January 2008
doit@sfsu.edu