The easiest way to create a Cisco VPN client connection on Red Hat 7 Linux is to use the vpnc client, an open-source alternative to the Cisco VPN client. Let's start by installing VPNC on RHEL7. The VPNC package is located in the EPEL (Extra Packages for Enterprise Linux 7) repository, so first enable the EPEL repository:
# subscription-manager repos --enable=rhel-7-server-optional-rpms
If you do not have a current Red Hat subscription, follow this guide on how to enable EPEL without a subscription.
Once done, install vpnc:
# yum install vpnc
Now that we have the vpnc client installed, we are ready to create a Cisco VPN connection:
[root@rhel7 ~]# vpnc
Enter IPSec gateway address: vpn.hostname.example
Enter IPSec ID for vpn.hostname.example: VPNClient
Enter IPSec secret for VPNClient@vpn.hostname.example:
Enter username for vpn.hostname.example: username
Enter password for firstname.lastname@example.org:
Connect Banner:
| You are now connected to the VPN System. Unauthorized usage is not permitted.
|
VPNC started in background (pid: 3707)...
The above will create a new VPN tun(n) network interface:
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1412
        inet 22.214.171.124  netmask 255.255.255.255  destination 126.96.36.199
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0
Alternatively, you can make Cisco VPN authentication more automatic by creating a VPNC configuration file:
[root@rhel7 ~]# cat /etc/vpnc/default.conf
IPSec gateway vpn.hostname.example
IPSec ID GROUPNAME
IPSec secret GROUPPASS
Xauth username username
Xauth password my-password
vpnc will now check whether a default config file exists and, if so, create the Cisco VPN connection automatically. Please note that the password can be omitted, in which case you will be asked to supply the VPN password once you execute vpnc:
# vpnc
Connect Banner:
| You are now connected to the VPN System. Unauthorized usage is not permitted.
VPNC started in background (pid: 3777)...
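The configuration file shown above keeps the group secret and, if present, the Xauth password on disk in plaintext. The script below is an added example, not part of the original article: it audits a vpnc profile for stored credentials and for permissions wider than owner-only. The function names audit_vpnc_conf and make_sample_conf are hypothetical, and only the two credential keywords shown in the article are checked.

```shell
#!/bin/sh
# Added example, not from the original article: audit a vpnc profile such as
# /etc/vpnc/default.conf. Function names are hypothetical.

# audit_vpnc_conf FILE: print one finding per line; return 1 if any, 0 if clean.
audit_vpnc_conf() {
    conf=$1
    findings=0
    [ -r "$conf" ] || { echo "$conf: not readable"; return 2; }

    # Characters 5-10 of the ls mode string are the group/other bits.
    # Anything but "------" gives non-owners some access to the file.
    if [ "$(ls -ld "$conf" | cut -c5-10)" != "------" ]; then
        echo "$conf: accessible by group/other, expected mode 600"
        findings=1
    fi

    # Keywords as they appear in the article's config; a non-empty value
    # means the credential is stored on disk in plaintext.
    for key in "IPSec secret" "Xauth password"; do
        if grep -Eiq "^[[:space:]]*$key[[:space:]]+[^[:space:]]" "$conf"; then
            echo "$conf: '$key' is stored in the file"
            findings=1
        fi
    done
    return "$findings"
}

# Constructed sample profile mirroring the article's default.conf.
make_sample_conf() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' \
        'IPSec gateway vpn.hostname.example' \
        'IPSec ID GROUPNAME' \
        'IPSec secret GROUPPASS' \
        'Xauth username username' \
        'Xauth password my-password' > "$dir/default.conf"
    chmod 644 "$dir/default.conf"
    echo "$dir/default.conf"
}

# Demo: audit the sample, drop the stored password, tighten the mode, re-audit.
sample=$(make_sample_conf)
audit_vpnc_conf "$sample" || true
grep -v '^Xauth password' "$sample" > "$sample.new" && mv "$sample.new" "$sample"
chmod 600 "$sample"
audit_vpnc_conf "$sample" || true
rm -rf "$(dirname "$sample")"
```

After the hardening step only the IPSec secret finding remains; vpnc prompts for any value left out of the file, as the interactive session earlier shows.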
If you wish to create multiple VPN connections, feel free to create multiple VPN config files. You can then start a Cisco VPN connection using the vpnc command, supplying the config file name at the same time. For example:
[root@rhel7 vpnc]# cp default.conf cisco-vpn.conf
[root@rhel7 vpnc]# vpnc cisco-vpn
To disconnect from the Cisco VPN gateway, execute:
[root@rhel7 ~]# vpnc-disconnect
Terminating vpnc daemon (pid: 3777)