» About NACS	Thursday August 21st, 2008
Search
Home UCInetIDs Email Instruction & Research Services, Support & Software Network Telephone Security Help Desk

NACS > Security > VPN > VPN software for Macintosh

Configuring and Installing VPN software
for Macintosh

Summary: This handout is a comprehensive set of instructions to configure and install the UCI VPN software.

Macintosh and VPN Issues

Getting Started

To get started you will first mount the file and then run the setup file.

1. Download the VPN client if you have not done so already.
2. Locate the downloaded file. By default, Mac OS X puts files downloaded via web browser on the desktop.
3. Double click on the .dmg file to get the disk image mounted. An icon will appear on the desktop called CiscoVPNClient.
4. Double-click on CiscoVPNClient to open it and double click on Cisco VPN Client.mpkg to start the installer.
5. Authenticate as a machine Administrator if necessary and click Next (as necessary) to proceed through the installer.

Starting the VPN Connection

• Split Tunnel
  The "split" tunnel only sends traffic destined for UCI over the VPN connection. All other traffic goes through your normal cable modem/dsl connection. Use the "split" tunnel for connections to and from UCI only. If you are using online Library resources, use the "full" tunnel. It allows you to talk directly to the Internet, but when your machine "talks" to UCI network addresses the traffic is put through the established VPN tunnel to the UCI VPN node, where it is decrypted and given a UCInet network address. This is useful for people who need access to things at UCI which require a UCInet IP address (such as connecting to a system that restricts access to UCI hosts only), or to use services which are blocked for security reasons at the campus firewall (such as NetBIOS ports, used in mounting shared drives and other ports used by Microsoft Windows). Only traffic to/from UCI is sent through the VPN connection, so if you were to access Yahoo, it would go through your regular network connection (cable modem, dsl, etc).
• Full Tunnel
  The "full" tunnel sends all your internet traffic through the VPN connection, and then out to the internet through UCI's connection. The "full" tunnel is useful for people who need to access sites off-campus that need a UCI IP address to allow access to a resource. The UCI Library has links to resources such as these. If you wanted to access the Oxford English Dictionary (OED), you can't get to it with a split tunnel because it's off campus and your off-campus packets aren't network address translated to UCI addresses. By using the "full" tunnel, this problem is circumvented. However, note that *all* your traffic is sent through the VPN connection and then out UCI's internet connection. You should use the "full" tunnel VPN connection with care since heavy use can cause an increase in UCI's internet connection costs, and is likely slower than the split tunnel method.

1. Launch the VPNClient. (From Applications or from your Dock).
2. From the "Connection Entries" tab, highlight either "UCI" for a split tunnel or "UCIFull" for a full tunnel connection. (Figure 1)
3. Click on Connect in the toolbar.

4. You will be asked for your username and password; use your UCInetID and password. (Figure 2)

5. You will see a banner message; click Continue to connect. (Figure 3)

You are now ready to use your VPN connection. Disconnect from the VPN connection by clicking the Disconnect button.

If you have any problems, please call the NACS Help Desk at 949-824-2222, Monday through Friday, 8:00 AM to 5:00 PM.

Updated: August 17, 2005

Comment on this page.

Network & Academic Computing Services
Contact Us — (949) 824-2222 or nacs@uci.edu