hi
just switched to a mac from windows. I do a lot of coldfusion dev and use vpn to connect to the u server. I understand that the current cisco vpn doesn't work with tiger and I was wondering if you knew when it would or if there is another way for me to connect to the server?

thanks
james
roebuck@ag.arizona.edu

Cisco has released an update to it's VPN client for mac, version 4.6.3 has support for tiger. U of A does not currently have the current version on it's website (sitelisence.arizona.edu) but some internet searching can lead you to other places where you can download it. If you have the configuration files from U of A they work with the new version.

I have installed the new client on my powerbook, and it seems to be working well, however there are numerous horror story reports on the quality of this release from cisco.

http://www.macintouch.com/tiger17.html
http://www.versiontracker.com/dyn/moreinfo/macosx/12696&mode=feedback

The consensus seems to be if you're brave, go ahead and install it and see how it works for you.

Well, I'm glad to hear that they've got an update, but I'll wait for a while to see how it goes/gets updated. Where'd you download yours Mark? Or can't you tell us...

Seriously...where can we get our hands on the new VPN client?

Chris K. is working on getting the U of A packaged new Cisco VPN client together. Look for it on sitelicense.arizona.edu (http://sitelicense.arizona.edu) this week. I will reply again here when it is posted officially.

Excellent!

I looked for 4.6.3 this week and didn't see it. Have they uploaded it and just not updated the webpage to show that you're getting 4.6.3 as opposed to 4.6?

I have had success working with the wireless vpn inside the campus. But for some reason, the out of campus 'University of Arizona" vpn client seems to hang even it is able to connect. Even though the connection appears to be successful from home, i cannot access stuff like online journals though university subsciption. So it appears to work, but doesn't.

Thanks.
Souma

Sorry, I forgot to mention that I downloaded the new vpn for Tiger from a different place, and then used the configuration files, as suggested.
Thanks,
Souma

Yeah, the same thing happened to me. I've let Mark know about that as well as the fact that I can't seem to disconnect from the off campus VPN.

Another issue I discovered is that the VPN won't allow me to send outgoing mail from my email.arizona.edu address. In addition, I have to force quit the program because of my inability to disconnect as explained above. The VPN does prompt me for my UA net ID and verifies it, but that's about all it does.

I'm running the most recent release of Tiger (10.4.1) on a 1.5GHz G4 laptop if that's of any consequence.

EDIT: So I think this shows that the problem with the VPN isn't with the library as Mark and I hypothesized. I dunno about the wireless VPN though.

So I was just wondering if any new progress has been made on the VPN. I would really like to have it for my research and I know there are a lot of other new Tiger users who need to use it as well.

Any news when there will be a sitelicense version of Cisco VPN 4.6.3 posted?

I found 4.6.03 and it too has problems, luckily Cisco has yet another release that once you import the .pcf files for the university (you'll need to get those from the official sitelicense download) works like a charm.

http://www.affrc.go.jp/NSS/vpn/vpnclient/4.6.04/vpnclient-darwin-4.6.04.0061-GUI-k9.dmg


Good luck.

-J

Where's the link from? Most people know of my general "anti-piracy" stance on software and I don't wanna break that. I know that the U of A has a good license and would prefer to use that if possible.

But if the software is legit, then thanks for the fix!

An update: So the version of the VPN that Chris shared with me appears to be working. That is, I was able to access the library electronic journals that I needed. I can also send e-mail from my U of A address via the smtpgate.email.arizona.edu server which I've only been able to do while running the VPN. So, as far as I can tell, I'm connecting okay. My question is this: if the VPN asks for my name and password and I enter those and then says that I am connected, can I assume that my connection is working and secure? I'm on the road driving from Tucson to Rochester, NY and so will be using various internet connections (mostly provided through motels) and I just want my e-mail and stuff to be secure. Thanks for the help!

EDIT: I guess it would help to clarify that my primary concern is keeping my username and passwords from being broadcast out in the clear. So long as my VPN is running, I don't have to worry about folks breaking into my e-mail and taking my bank statements, right?

Your username and password will be passed through an encrypted VPN tunnel. You see there are actually two authentications done when using UA's VPN. The first is done using a group username/password that is hardcoded in the .pcf files distributed with the VPN client via site license. This establishes your intitial tunnel, next you authenticate via your UA NetID. Thus your UA NetID credentials are passed through the already established VPN tunnel. Pretty secure setup, standard VPN stuff.

To those of you who've been asking about the VPN client on OSX Tiger:

Cisco's software is still (by their estimation) broken on Tiger (see bottom of message). In order to check on new releases of it, one has to have access to a restricted area of Cisco's web site.

It appears that I'm not going to get access to that download area, so we'll have to be patient and let the various arms of CCIT keep checking there and take care of this themselves when Cisco fixes the problem. I've asked to be notified when that happens, and I'll pass the word along.

Meanwhile, people with Tiger who want to have full access to the campus network will have to be physically on campus and attached via something other than UA wireless.

The OSX VPN client (version 4.6) that's currently on sitelicense still works with most versions of OSX prior to 10.4.x. If an OSX Tiger user truly needs VPN connectivity, they can move back to 10.3.x. (An object lesson in the drawbacks to keeping "current" for its own sake!)

Here's what Cisco says about their most-recent try:

> Unresolved Issues
>
> CSCeh90939 unity mac rekey failure with 10.4
> CSCei00630 unity mac switching networks prevents client connect 10.4
> CSCei11378 unity mac error 47: failed to load ipseclog.exe
> CSCeh93891 unity mac gui many split tunnels will not pass traffic 10.4

VPN Success story: I upgraded my Titanium from Panther to Tiger (10.4.3), upgraded my CISCO VPN Client from 4.X to 4.6 (latest on Sitelicense), started it and currently using it. Works like it did when I was using it with Panther.

Hoooray!!