University of Würzburg and Shew VPN

May 31st, 2009 by Martin Becker | Posted in Computer, Windows |

Cisco does not provide any Client-Software for Vista64. So this is what can be done:

• Download and install the free VPN-Software: Shew Soft VPNClient
• Create a *.vpn file with these contents (source: http://www.shrew.net/static/howto/CiscoPix/ciscopix.vpn):

n:version:2
n:network-ike-port:500
n:network-mtu-size:1380
n:client-addr-auto:1
n:network-natt-port:4500
n:network-natt-rate:15
n:network-frag-size:540
n:network-dpd-enable:1
n:client-banner-enable:1
n:network-notify-enable:1
n:client-wins-used:0
n:client-wins-auto:1
n:client-dns-used:1
n:client-dns-auto:1
n:client-splitdns-used:1
n:client-splitdns-auto:1
n:phase1-dhgroup:2
n:phase1-life-secs:86400
n:phase1-life-kbytes:0
n:phase2-life-secs:3600
n:phase2-life-kbytes:0
n:policy-list-auto:1
n:policy-nailed:0
n:vendor-chkpt-enable:0
s:network-host:132.187.1.5
s:client-auto-mode:pull
s:client-iface:virtual
s:network-natt-mode:enable
s:network-frag-mode:enable
s:auth-method:mutual-psk-xauth
s:ident-client-type:keyid
s:ident-server-type:address
s:ident-client-data:Login
b:auth-mutual-psk:<<invalid key>>
s:phase1-exchange:aggressive
s:phase1-cipher:auto
s:phase1-hash:auto
s:phase2-transform:auto
s:phase2-hmac:auto
s:ipcomp-transform:disabled
n:phase2-pfsgroup:-1

• Import your created *.vpn to the Shrew Soft VPN Client
• Go here (or any other place where you can decrypt a Cisco VPN password) to decrypt the password (located at enc_GroupPwd=<<key>> where <<key>> is the key you want to copy) from vpn-uniwue.pcf: http://coreygilmore.com/projects/decrypt-cisco-vpn-password/
• Modify the imported connection as follows:
  • Authentication->Credentials->Pre Shared Key: add the key you decrypted above

that should be it