
I’ve found that Cisco did not release their VPN Client for 64-bit machines… so… who cares!
The problem can be solved using Cygwin and the open-source vpnc client.
This tutorial is meant for people who are reasonably comfortable with a Unix-like shell; I will not detail every step, such as the Cygwin installation.
Let’s begin!
P.S. I based this article on what I found here, thanks to “Salty”.
1- Install CygWin in Windows 7: http://www.cygwin.com
You should install those packages in addition to the base system:
- gcc-core
- libgcrypt-devel
- make
- perl
2- You will find on your Desktop the Cygwin link to open the bash prompt.
3- Set the bash.exe executable to “Run as Administrator”: go to c:\cygwin\bin, find bash.exe, right-click it, open the “Compatibility” tab and tick “Run as Administrator”
4- Go to http://www.unix-ag.uni-kl.de/~massar/vpnc/ and download vpnc-0.5.3.tar.gz
5- Uncompress the tarball with the command “tar xvfz vpnc-0.5.3.tar.gz”
6- Enter the vpnc-0.5.3 directory with “cd vpnc-0.5.3″
7- Compile and install the vpnc client by launching the command “make install”
8- Download and Install OpenVPN from http://openvpn.net/index.php/open-source/downloads.html openvpn-2.1_rc20-install.exe
9- Run the OpenVPN installer and deselect everything but TAP-Win32 Adapter V9
10- Check the Control Panel –> Network Connection and rename the TAP device as “VPN”
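11- Create the configuration file /etc/vpnc/default.conf with the following content. This file holds the group secret and your Xauth password, so keep it readable only by your own account; the “obfuscated” form of the secret is a reversible encoding, not encryption. If you leave out the “Xauth password” line, vpnc asks for the password when it connects.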
IPSec gateway YOURGATEWAY
IPSec ID YOURID
IPSec obfuscated secret YOURREALYLONGHEXVALUE (you can use your clear text password here if you remove obfuscated)
Xauth username YOURUSERNAME
Xauth password YOURPASSWORD
Interface name VPN
Interface mode tap
Local Port 0
12- Now you have to modify the file c:\cygwin\etc\vpnc\vpnc-script-win.js. The version below is my modification of the script I found on the Theology Web site mentioned at the top of this article.
// vpnc-script-win.js
//
// Sets up the Network interface and the routes
// needed by vpnc.
// --------------------------------------------------------------
// Utilities
// --------------------------------------------------------------

/**
 * Prints one message through the Windows Script Host.
 *
 * @param msg Text to print; it is handed to WScript.echo unchanged.
 */
function echo(msg) {
    var host = WScript;
    host.echo(msg);
}

/**
 * Runs a command line through the script-level WScript.Shell object `ws`
 * and returns everything the command wrote to standard output.
 *
 * Only StdOut is read; the exit status and StdErr are not looked at, so a
 * failed command is visible to the caller only through its output text.
 *
 * NOTE(review): cmd is executed as given. The callers in this script
 * assemble it by string concatenation from environment variables, and the
 * tutorial runs the script from an elevated shell, so each value placed in
 * cmd should be validated before it reaches this function. The program
 * names are also unqualified, so they are resolved through the search path.
 *
 * @param cmd Complete command line to execute.
 * @returns The command's standard output as one string.
 */
function run(cmd) {
    var child = ws.Exec(cmd);
    var captured = child.StdOut.ReadAll();
    return captured;
}

// function getDefaultGateway()
// {
// if (run("route print").match(/Default Gateway: *(.*)/)) {
// return (RegExp.$1);
// }
// return ("");
// }

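/**
 * Finds the gateway of the current IPv4 default route.
 *
 * Runs "route print 0.0.0.0 mask 0.0.0.0" and scans the output line by
 * line for the first entry whose destination and netmask are both 0.0.0.0.
 * The third column of that entry is returned, provided it is written as a
 * dotted-quad address.
 *
 * Compared with the earlier single-regex version this does not require the
 * text "10" to appear after the gateway (which tied the match to one
 * particular metric and could cut a gateway such as 10.x.x.x short), and it
 * copes with columns separated by several spaces.
 *
 * @returns The gateway address, or "" when no usable default route is found.
 */
function getDefaultGateway()
{
    var output = run("route print 0.0.0.0 mask 0.0.0.0");
    var lines = output.split(/\r?\n/);
    var fields;

    for (var i = 0; i < lines.length; i++) {
        // JScript has no String.trim(), so strip the padding with a regex,
        // then split on runs of whitespace to get the table columns.
        fields = lines[i].replace(/^\s+|\s+$/g, "").split(/\s+/);

        if (fields.length < 3 || fields[0] !== "0.0.0.0" || fields[1] !== "0.0.0.0") {
            continue;
        }

        // The result is pasted into "route add" commands by the caller, so
        // accept only something shaped like an IPv4 address; an entry such
        // as "On-link" is skipped.
        if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(fields[2])) {
            continue;
        }

        // Diagnostic output kept from the original script.
        for (var j = 0; j < fields.length; j++) {
            echo("inal :" + fields[j]);
        }

        return (fields[2]);
    }
    return ("");
}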

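/**
 * Recovers the pre-VPN default gateway when the tunnel is torn down.
 *
 * Reads the VPNGATEWAY environment variable, runs
 * "route print <VPNGATEWAY> mask 255.255.255.255" and returns the gateway
 * column of the host route to that address. The connect branch of this
 * script adds that host route through the gateway that was the default at
 * the time.
 *
 * VPNGATEWAY is checked for dotted-quad form before it is placed in the
 * command line, and the output is matched by comparing columns rather than
 * by building a regular expression from the variable (the earlier version
 * left its dots unescaped and also required the text "10" after the
 * gateway).
 *
 * @returns The gateway address, or "" when it cannot be determined.
 */
function getDefaultGatewayOnDisconnect()
{
    var ipv4 = /^\d{1,3}(\.\d{1,3}){3}$/;
    var vpnGateway = env("VPNGATEWAY");

    // Refuse to build a command line from a value that is not an address.
    if (!ipv4.test(vpnGateway)) {
        return ("");
    }

    var output = run("route print " + vpnGateway + " mask 255.255.255.255");
    var lines = output.split(/\r?\n/);
    var fields;

    for (var i = 0; i < lines.length; i++) {
        // JScript has no String.trim(); strip padding, then split columns.
        fields = lines[i].replace(/^\s+|\s+$/g, "").split(/\s+/);

        if (fields.length < 3 || fields[0] !== vpnGateway || fields[1] !== "255.255.255.255") {
            continue;
        }
        if (!ipv4.test(fields[2])) {
            continue;
        }

        // Diagnostic output kept from the original script.
        for (var j = 0; j < fields.length; j++) {
            echo("inal :" + fields[j]);
        }

        return (fields[2]);
    }
    return ("");
}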

// --------------------------------------------------------------
// Script starts here
// --------------------------------------------------------------

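// Main body of the vpnc hook. The "reason" environment variable selects
// the action:
//   pre-init   - nothing to do
//   connect    - address the TAP interface, replace the default route,
//                add WINS/DNS servers and the split-tunnel routes
//   disconnect - remove the VPN routes and restore the old default route
//
// Every value used below arrives through environment variables, and several
// of them (INTERNAL_IP4_*, CISCO_SPLIT_INC_*) originate from the VPN
// gateway. They are concatenated into route/netsh command lines that the
// tutorial runs from an elevated shell, so the per-entry values are checked
// for dotted-quad form before use.
// NOTE(review): TUNDEV, INTERNAL_IP4_ADDRESS and VPNGATEWAY are still used
// as received; confirm they can only hold an interface name / addresses.

var internal_ip4_netmask = "255.255.255.0";

var ws = WScript.CreateObject("WScript.Shell");
var env = ws.Environment("Process");

// True when text is written as a dotted-quad IPv4 address or netmask.
function isDottedQuad(text)
{
    return (/^\d{1,3}(\.\d{1,3}){3}$/.test(text));
}

switch (env("reason")) {
case "pre-init":
    break;
case "connect":
    var gw = getDefaultGateway();
    echo("Default GW: " + gw );
    echo("VPN Gateway: " + env("VPNGATEWAY"));
    echo("Internal Address: " + env("INTERNAL_IP4_ADDRESS"));
    echo("Internal Netmask: " + env("INTERNAL_IP4_NETMASK"));
    echo("Interface: \"" + env("TUNDEV") + "\"");

    // Fall back to 255.255.255.0 when no netmask was supplied.
    if (env("INTERNAL_IP4_NETMASK")) {
        internal_ip4_netmask = env("INTERNAL_IP4_NETMASK");
    }

    echo("Configuring \"" + env("TUNDEV") + "\" interface...");

    run("netsh interface ip set address \"" + env("TUNDEV") + "\" static " +
        env("INTERNAL_IP4_ADDRESS") + " " + internal_ip4_netmask);

    echo("Delete Default Route Output: " + run("route delete 0.0.0.0 mask 0.0.0.0"));
    echo("Waiting 5 seconds to add new default route...");
    // Use the host's own timer instead of spawning an external "sleep"
    // program found through the search path.
    WScript.Sleep(5000);
    echo("Adding new VPN Default Route: " + run("route add 0.0.0.0 mask 0.0.0.0 " + env("INTERNAL_IP4_ADDRESS")));
    echo("");

    // Add direct route for the VPN gateway to avoid routing loops
    echo("Add direct route for the VPN gateway to avoid routing loops");
    if (gw) {
        echo("route add " + env("VPNGATEWAY") + " mask 255.255.255.255 " + gw);
        run("route add " + env("VPNGATEWAY") +
            " mask 255.255.255.255 " + gw);
    } else {
        // Without the old gateway the command would be incomplete, and the
        // disconnect branch relies on this route to find the gateway again.
        echo("Default gateway unknown, direct route not added.");
    }

    echo("Checking for WINS Servers...");
    if (env("INTERNAL_IP4_NBNS")) {
        echo("WINS Found, adding them to the TAP Device...");
        var wins = env("INTERNAL_IP4_NBNS").split(/ /);
        var winsIndex = 0;
        for (var i = 0; i < wins.length; i++) {
            // Skip empty or malformed entries; number only the ones added.
            if (!isDottedQuad(wins[i])) {
                continue;
            }
            winsIndex++;
            run("netsh interface ip add wins \"" +
                env("TUNDEV") + "\" " + wins[i]
                + " index=" + winsIndex);
        }
    }

    echo("Checking for DNS Servers...");
    if (env("INTERNAL_IP4_DNS")) {
        echo("DNS Found, adding them to the TAP Device...");
        var dns = env("INTERNAL_IP4_DNS").split(/ /);
        var dnsIndex = 0;
        for (var i = 0; i < dns.length; i++) {
            // Skip empty or malformed entries; number only the ones added.
            if (!isDottedQuad(dns[i])) {
                continue;
            }
            dnsIndex++;
            run("netsh interface ip add dns \"" +
                env("TUNDEV") + "\" " + dns[i]
                + " index=" + dnsIndex);
        }
    }

    echo("done.");

    // Add internal network routes
    echo("Configuring networks:");

    if (env("CISCO_SPLIT_INC")) {
        // CISCO_SPLIT_INC holds the number of networks; a value that does
        // not parse as a number yields NaN and the loop body never runs.
        var splitCount = parseInt(env("CISCO_SPLIT_INC"), 10);
        for (var i = 0 ; i < splitCount; i++) {
            var network = env("CISCO_SPLIT_INC_" + i + "_ADDR");
            var netmask = env("CISCO_SPLIT_INC_" + i + "_MASK");
            if (!isDottedQuad(network) || !isDottedQuad(netmask)) {
                echo("Skipping malformed network entry " + i);
                continue;
            }
            run("route add " + network + " mask " + netmask +
                " " + env("INTERNAL_IP4_ADDRESS"));
        }

    } else {
        echo("Gateway did not provide network configuration.");
    }
    echo("Route configuration done.");

    if (env("CISCO_BANNER")) {
        echo("--------------------------------------------------");
        echo(env("CISCO_BANNER"));
        echo("--------------------------------------------------");
    }

    break;
case "disconnect":
    // Remove the direct route to the VPN gateway and the VPN default
    // route, then put back the default route through the old gateway.
    echo("Cleaning Routes...");

    // Must be read before the direct route is deleted: the gateway is
    // taken from that route's entry.
    var gw = getDefaultGatewayOnDisconnect();
    echo("DefaultGW: " + gw);

    echo("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255");
    run("route delete " + env("VPNGATEWAY") + " mask 255.255.255.255");

    echo("route delete 0.0.0.0 mask 0.0.0.0 ");
    run("route delete 0.0.0.0 mask 0.0.0.0 ");

    if (gw) {
        echo("route add 0.0.0.0 mask 0.0.0.0 " + gw);
        run("route add 0.0.0.0 mask 0.0.0.0 " + gw);
    } else {
        // An empty gateway would make "route add" incomplete; say so
        // instead of failing silently with no default route in place.
        echo("Previous default gateway unknown, default route not restored.");
    }
}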
13- Now you should be ready to run the command “vpnc --no-detach”
14- You should be connected to your VPN !
