Make a PayPal Donation


  KB 0000163
  Dated 07/03/10
  Revision 0.01
   
Cisco - Windows x64 Bit VPN Client (IPSEC)
Note: This page was originally written before the release of the Cisco x64 bit Windows 7 Client
 
Problem

I was widely accepted for some time that Cisco's support for the IPSEC VPN client will not be extended to x64 bit Windows platforms, That's simply because they are gearing up towards their own AnyConnect VPN client.

Update 18/02/10 - Cisco have released an x64 Bit VPN Client for Windows 7 (vpnclient-winx64-msi-5.0.07.0240-k9-BETA).

Tthe cost to swap over to SSL/AnyConnect VPN, in terms of licensing and consultancy is VERY high.

NCP have had a x64 bit compatible client on the market for a while to get round that, but its not free (though considerably less than a bunch of SSL VPN licence's!) However, as is the way with these things, as soon as people are forced to pay for stuff, someone will produce a free piece of software to do the same.

Step forward Shrew Soft, I test a lot of stuff, and its rare that a piece of freeware is as feature rich as the commercial product - but this is :)
Solution

1. Firstly I'm assuming you already have the VPN setup, working, and tested, on your Cisco PIX/ASA device, if not CLICK HERE for instructions, or if your scared of command line try THIS or THIS.

2. You need to know the same three primary pieces of information that you need to configure the Cisco VPN Client, those are,

a. The public IP address of the device you are connecting to.
b. The "Tunnel Group Name" of the remote access VPN
c. The "Shared Secret" of the remote access tunnel group

To get the last two pieces of information issue a "more system:running-config" command on your firewall.

PetesASA# more system:running-config

{keep pressing the space bar to scroll though the config}

---unimportant-config-removed-------

tunnel-group Remote-VPN type remote-access
tunnel-group Remote-VPN general-attributes
address-pool IPSEC-VPN-DHCP-POOL
authentication-server-group PNL-KERBEROS
default-group-policy Remote-VPN
tunnel-group Remote-VPN ipsec-attributes
pre-shared-key this_is_the_pre_shared_key

---unimportant-config-removed-------

So in the example above the Tunnel Group Name is "Remote-VPN" and the shared secret is "this_is_the_pre_shared_key".

3. Download and install the software from Shrew Soft (in this example I'm using 2.1.5-release)
4. Configure as per the video below.

 

If this post helped you, PLEASE take the time to +1 it.

Please be aware, all information is provided free, but it does cost me to have this site hosted, if I've helped you in any way, or saved you some time/cost please take time to make a donation.

If you have anything to add to an article, or have an article you would like us to publish please feel free to contact PeteNetLive. (Please be aware I get a LOT of email, I cannot assist and fix everyone's problems, please do not be offended if you do not get a response).
References - Credits - Or External Links
NA

 


powered by
Socialbar