This discussion is locked
gsimp

Q: Importing Cisco VPN Certificate into Snow Leopard's Cisco IPSec VPN

I'm trying to import the certificate that we use for the Cisco VPN client into the Keychain so that Snow Leopard's Cisco IPSec VPN and use it. The certificate is x509 Base64. I can import it into my Keychain ok, but when I try to select it under Machine Authentication, I get a message that No machine certificates found. I converted the certificate to PKCS#7 which also I can import into the Keychain but I still get the message No machine certificates found. What is the minimum certificate I can use for Snow Leopards Cisco IPSec VPN? Where in the keychain should I be placing these. Currently, it is in login under Certificates.

MacBook, Mac OS X (10.6.2)

Posted on Dec 23, 2009 11:07 AM

Close

Q: Importing Cisco VPN Certificate into Snow Leopard's Cisco IPSec VPN

  • All replies
  • Helpful answers

Previous Page 2
  • by p120ph37,

    p120ph37 p120ph37 Nov 30, 2010 2:18 PM in response to gsimp
    Level 1 (0 points)
    Nov 30, 2010 2:18 PM in response to gsimp
    I've had this same issue. Finally, today I dug up the source code and fixed it myself!

    Detailed description of the fix and instructions on setting up a Cisco VPN connection with a certificate can be found in the README of my project here:

    https://github.com/p120ph37/darwin-racoon-cisco-cert-fix

    -Aaron
  • by ktalent1,

    ktalent1 ktalent1 Dec 14, 2010 7:10 PM in response to p120ph37
    Level 1 (0 points)
    Dec 14, 2010 7:10 PM in response to p120ph37
    I started off using Cisco's software and it worked fine until one day it simply would not connect. I switched to OSXs VPN software that you set up in network preferences and it was great for ~ 2 months until today, when it stopped working. Cisco's still does not work. I can't imagine what has changed in the last 24 hours to make it stop working, but I know it's not my university's problem because my Snow Leopard laptop still connects fine.

    The previous commenter certainly seems to know what he is talking about but it seems like heavy lifting for an end-user such as myself. Is there no way to get this working again???
Previous Page 2