vpnc is an opensource alternative to using the Cisco VPN client on Linux machines. If your corporate or school VPN is Cisco based, vpnc is a great tool to use compared to the ugly tainted kernel modules produced by the Cisco VPN client. The default vpnc client on Fedora 9 is compiled without OpenSSL suuport, therefore it is not possible to directly use vpnc to connect to VPN's that use SSL certificates (AuthType=5). The solution is simple however, just compile vpnc with OpenSSL support !.
Grab the OpenSSL source from http://www.unix-ag.uni-kl.de/~massar/vpnc/
Untar the sources.
tar xvf vpnc-0.5.1.tar.gz
Uncomment the following lines from the Makefile (lines 49-50).
OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
OPENSSLLIBS = -lcrypto
Make and install.
make && sudo make install
Edit /etc/vpnc/default.conf and add your VPN settings. These can be found from the .pcf file provided by your system admin. The important settings are:
IPSec gateway 10.1.1.0 #IP address of your gateway
IPSec ID MyVPN #Group name of your VPN
IPSec secret mypassword #Group password in plaintext. If not known, use IPSec obfuscated secret
IPSec obfuscated secret 234AB765C #Encrypted group password.
IKE Authmode hybrid #keep this setting unless it's different for your VPN
CA-File /etc/vpnc/rootcert #Full path to the root server certificate file
Start the client.
The client will prompt you for the username and password. You can store these values in the config file by using the XAuth username and XAuth password fields if you want vpnc to automatically login without prompting you.
If the settings are correct, vpnc will fork to the background and start the encrypted tunnel, Your VPN connection is up and running !