Snow Leopard brought built-in support for Cisco VPN over TCP (but not over UDP). However, as of 10.6.6, there is still one issue: While the password can be saved in the keychain, the daemon
configd is not granted access, causing the user to be bothered to enter the password every time upon initiating a connection
(If you are running Mac OS X 10.6.0–10.6.3 and experience unexpected disconnections when the phase 1 key should be renegotiated (after 48 minutes), there is a work-around here.
The password issue can be solved as follows
1. Open "Keychain Access" (use Spotlight)
2. Find the entry corresponding to the
XAUTH password using the search field
3. Click the "Access Control" tab, then the "+" button and add
/usr/libexec/configd to the list of applications that are allowed to access the keychain entries. To navigate to this directory, just start typing
/usr/libexec/ and then select
Whenever you change the slightest detail of your VPN configuration, you will have to do this again.
If you are still being asked for your password when using the VPN menu item to initiate a connection, try disabling and subsequently re-enabling the VPN menu ("Show VPN status in menu bar"), then repeat the above.
If you get an error message about a "configuration problem" when initiating the connection, it is typically due to
racoonbeing running when it should not be. To kill this daemon, proceed as follows:
- Be sure to be logged in as administrator.
- Open the "Terminal" application
sudo killall racoonand press the "Return" key
- When asked for a password, enter your login password.