Difference between revisions of "IPSec VPN Mac OS X Client"
(Created page with "= Max OS X Setup = Similar to iOS. * Open System Preferences > Network * Click on the '''+''' sign to create a new service * For Interface select '''VPN''. For VPN type select ...") |
|||
Line 21: | Line 21: | ||
== Changing the Pre-Shared Key == | == Changing the Pre-Shared Key == | ||
− | The pre-shared key is stored in the file /etc/racoon/psk.txt. If you want to customise it for any reason, simply edit the file with your favourite text editor and restart racoon. You will need to manually update all of your clients. Note that the web page at http://ipsec-vpn will not be updated. | + | The pre-shared key is stored in the file /etc/racoon/psk.txt. If you want to customise it for any reason, simply edit the file with your favourite text editor and restart racoon. You will need to manually update all of your clients. Note that the web page at '''<nowiki>http://ipsec-vpn</nowiki>''' will not be updated. |
== Routing all network traffic via the VPN == | == Routing all network traffic via the VPN == | ||
By default, the VPN will only route traffic destined for your home network via the VPN. General web traffic etc, will *not* be encrypted. To change this behaviour so that all network traffic from your client is routed via your VPN, edit /etc/racoon/racoon.conf and remove the lines beginning "split_network" and "split_dns". The restart racoon. | By default, the VPN will only route traffic destined for your home network via the VPN. General web traffic etc, will *not* be encrypted. To change this behaviour so that all network traffic from your client is routed via your VPN, edit /etc/racoon/racoon.conf and remove the lines beginning "split_network" and "split_dns". The restart racoon. |
Revision as of 03:03, 9 May 2014
Contents
Max OS X Setup
Similar to iOS.
- Open System Preferences > Network
- Click on the + sign to create a new service
- For Interface select VPN. For VPN type select Cisco IPSec'. Give the service a name, like Amahi Home and click on Create
- Once added, select it. In the Server Address put YOURNICK.yourhda.com (replace YOURNICK with your nickname).
- In Account Name, put your username. Leave password empty unless you trust this computer.
- Click on Authentication Settings
- In Shared Secret, put the Group Setting from your internal IPSec VPN. In Group Name, enter Amahi. Click OK
- You can now click on Connect to connect!
- You can also click on "Show VPN status in menu bar" for quick access to the VPN connection
- Click on Apply to save these settings
Advanced Topics
Note: this section requires editing files with root privileges and restarting the racoon daemon.
The pre-shared key is stored in the file /etc/racoon/psk.txt. If you want to customise it for any reason, simply edit the file with your favourite text editor and restart racoon. You will need to manually update all of your clients. Note that the web page at http://ipsec-vpn will not be updated.
Routing all network traffic via the VPN
By default, the VPN will only route traffic destined for your home network via the VPN. General web traffic etc, will *not* be encrypted. To change this behaviour so that all network traffic from your client is routed via your VPN, edit /etc/racoon/racoon.conf and remove the lines beginning "split_network" and "split_dns". The restart racoon.