Utrecht University offers a VPN service called Solis-VPN. This works fine under Windows using the Cisco Client, but this client is not available for newer (10.6+) version of Mac OS X that run a 64-bit kernel by default.

Update: Cisco released the 'Cisco Anyconnect' VPN client available that works under OS X 10.7.* (Lion) as well. It is a Java client which Solis-VPN users can download at https://solisvpn.uu.nl. Unfortunately it seems, this client only routes traffic over the VPN that is on the target network, there is no option to route all traffic over the VPN. Therefore, you cannot route your web traffic over the VPN to download papers from journals that only allow access from a university network.

Although OS X Lion has a built-in VPN client that should support the Cisco protocol, this did not work in my case with the UU Solis VPN for some reason. I finally got it to work using vpnc. The following steps should help you set up the VPN client as well:

  1. Download and install Xcode and the Developer Tools. The latter can be installed at the Downloads section of Xcode's preferences.
  2. Install Macports, a package manager for OS X
  3. Install vpnc
  4. Configure tuntaposx
  5. Configure vpnc
  6. Connect and disconnect the VPN

This worked for me on Mac OS X 10.7.5 with vpnc version 0.5.3 and tuntaposx version 20111101.

Step 1 and 2 are documented in abundant details elsewhere, so I will skip these here.

Install vpnc (step 3)

Install vpnc with the hybrid_cert option in case you might need it. For UU Solis VPN this is not required.

sudo port install vpnc +hybrid_cert

Configure tuntaposx (step 4)

To set up the network connection, vpnc uses tuntaposx. This is automatically installed once you install vpnc, but it's not configured properly for some reason. To fix this, run

sudo rsync -av /opt/local/Library/Extensions/* /Library/Extensions/
sudo rsync -av /opt/local/Library/StartupItems/* /Library/StartupItems/

which will copy the Kernel extension bundles to the proper locations and load them at startup.

Configure vpnc (step 5)

To connect to your favourite VPN server, create a configuration file in /opt/local/etc/vpnc/. For Solis VPN, you need these settings:

IPSec gateway 131.211.0.34
IPSec ID everyone
IPSec secret rlakluxiupoeqlurlaqo
IKE Authmode psk
Xauth username <SOLISID>
Xauth password <PASSWD>
Enable Single DES
DPD idle timeout (our side) 0
Local Port 0

Note that you can write your password here such that vpnc will connect automatically, but I left it empty (just delete the Xauth password line) such that vpnc asks for my password at startup.

Also, IPSec secret is a group password that Cisco VPN uses to authenticate the user to some group, or something. This is the decoded version, obtained with the Cisco vpnclient password decoder. For Solis VPN, the encoded password is:

2773609C2CED481E222EB3344B6BD473578BC4B4CE450479DDC3E703D13AC768883DC1937C912A59B268AEB18B9CBAA7CC2698FC0FB9D8C0C8EA74FA3E6CF0D6

Connect and disconnect (step 6)

To run vpnc, simply type

sudo vpnc --natt-mode cisco-udp solis-vpn

and vpnc will connect to the VPN. To disconnect, run

sudo vpnc-disconnect

and you are again on your own.

References