2. Configuration and connection

vpnc can be used either interactively or with configuration files.

2.1. Using a configuration file

When you try to connect to a Cisco VPN by typing:

$ sudo vpnc

vpnc will look for the files /etc/vpnc.conf or /etc/vpnc/default.conf. If it does not find such files, vpnc will default to the interactive mode.

However, vpnc can support different configuration files and be called with the name of the file as an argument. For instance, if you create the configuration file /etc/vpnc/myconf.conf, you will be able to call vpnc like this:

$ sudo vpnc myconf

or

$ sudo vpnc myconf.conf

The configuration file has to be in /etc/vpnc/ and it needs to have the extension .conf.

The syntax of the configuration file needs to be as follows:

IPSec gateway gateway.to.use
IPSec ID groupname
IPSec secret passwordforgroup
Xauth username myusername
Xauth password mypassword

Where equivalents in a .pcf file are:

2.2. Using interactive mode

vpnc enters interactive mode if you call it without any arguments and there is no /etc/vpnc/default.conf or /etc/vpnc.conf.
It will also prompt the user for any argument that was not supplied in the configuration file.

Here is the output when vpnc is called that way:

$ sudo vpnc
Enter IPSec gateway address: example.com
Enter IPSec ID for example.com: examplegroup
Enter IPSec secret for examplegroup@example.com:
Enter username for example.com: foobar
Enter password for foobar@example.com:

Arguments can be set or overridden by passing them through the command line. Use vpnc -h for more details.
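
The configuration file from 2.1 keeps the group secret and the Xauth password in clear text, and vpnc prompts for anything the file leaves out, so both can be omitted from disk. The following audit is an added example, not part of the original post or of vpnc: the function names are hypothetical, GNU stat is assumed, and the baseline (owner root, no group or other access) is an assumption rather than a vpnc requirement.

```shell
#!/bin/sh
# Added example: audit a vpnc configuration file for exposed credentials.
# Usage: audit_vpnc_conf FILE [EXPECTED_OWNER]   (owner defaults to root)
# Returns 0 when clean, 1 when there are findings, 2 when FILE is unreadable.
SECRET_KEYS='^[[:space:]]*(IPSec secret|Xauth password)[[:space:]]+[^[:space:]]'

audit_vpnc_conf() {
    conf=$1
    want_owner=${2:-root}
    findings=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }

    # GNU stat (assumption: Linux/coreutils): octal mode and owner name.
    mode=$(stat -c '%a' "$conf")
    owner=$(stat -c '%U' "$conf")

    # Any group or other permission bit lets other local users read the secrets.
    case $mode in
        0|*00) ;;
        *) echo "MODE: $conf is $mode, no group/other access expected (e.g. 600)"
           findings=$((findings + 1)) ;;
    esac

    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER: $conf is owned by $owner, expected $want_owner"
        findings=$((findings + 1))
    fi

    # Report which secret keys are stored, by line number, never the value.
    stored=$(grep -cE "$SECRET_KEYS" "$conf" || true)
    if [ "$stored" -gt 0 ]; then
        grep -nE "$SECRET_KEYS" "$conf" |
            sed -E 's/^([0-9]+):[[:space:]]*(IPSec secret|Xauth password).*/SECRET: line \1 stores "\2" on disk/'
        findings=$((findings + stored))
    fi

    [ "$findings" -eq 0 ]
}

# Constructed sample: the syntax example from 2.1, written world-readable.
make_sample_conf() {
    printf '%s\n' 'IPSec gateway gateway.to.use' 'IPSec ID groupname' \
        'IPSec secret passwordforgroup' 'Xauth username myusername' \
        'Xauth password mypassword' > "$1"
    chmod 644 "$1"
}
```

Run it as root against a real file, for example audit_vpnc_conf /etc/vpnc/myconf.conf. A file with the two secret lines removed and mode 600 passes, and vpnc then asks for the missing values at connect time.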

3. Disconnecting from a VPN

Once connected, the client can be disconnected using:

$ sudo vpnc-disconnect

4. More on decrypting the Group password

http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode provides the source code used to decrypt the group password.
I have attached this file to this post. Instructions on how to compile this code are detailed in the file.