Important note
This hint only applies to versions of Mac OS X up to version 10.8 Mountain Lion.
Snow Leopard brought built-in support for Cisco VPN over TCP (but not over UDP). However, as of 10.6.6, there is still one issue: While the password can be saved in the keychain, the daemon configd is not granted access, causing the user to be bothered to enter the password every time upon initiating a connection.
If you are running Mac OS X 10.6.0–10.6.3 and experience unexpected disconnections when the phase 1 key should be renegotiated (after 48 minutes), there is a work-around here.
The password issue can be solved as follows
- Open “Keychain Access” (use Spotlight)
- Find the entry corresponding to the
XAUTHpassword using the search field - Click the “Access Control” tab, then the “+” button and add
/usr/libexec/configdto the list of applications that are allowed to access the keychain entries. To navigate to this directory, just start typing/usr/libexec/and then selectconfigd.
Important note
Common problems
- Whenever you change the slightest detail of your VPN configuration, you will have to do this again.
- If you are still being asked for your password when using the VPN menu item to initiate a connection, try disabling and subsequently re-enabling the VPN menu (“Show VPN status in menu bar”), then repeat the above.
- If you get an error message about a “configuration problem” when initiating the connection, it is typically due to
racoonbeing running when it should not be. To kill this daemon, proceed as follows:- Be sure to be logged in as administrator.
- Open the “Terminal” application
- Type
sudo killall racoonand press the “Return” key - When asked for a password, enter your login password.
/usr/libexec/configd
/usr/libexec/configd'