Note that you can also create a vpnc config file so that you don't have to keep all that on the command line. See "man vpnc" for details, but briefly, create a file named <whatever>.conf in /etc/vpnc. The vpnc man page has the corresponding conf file setting for each command line arg. For instance, I have a file /etc/vpnc/sat1.conf, which looks like:
Code:
$ cat /etc/vpnc/sat1.conf
IPSec gateway <the vpn gateway>
IPSec ID <group id>
IPSec secret <group password>
Xauth username <user id>
IKE Authmode psk
# Xauth password <user password>
With this file, I can then just run "sudo vpnc sat1", and it uses those settings. My user password is based on a rotating RSA token, so I've commented that out, and it asks for my password each time.
As an alternative to manually writing the file, there's a Perl script out there called "pcf2vpnc" that will convert a Cisco pcf config file to a vpnc one. There's also some C code called "cisco-decrypt.c" that will decrypt encrypted passwords from said pcf files if you need those. Just google around a bit to find them as well as instructions for using them.
Bookmarks