How to configure ShrewSoft VPN to connect to Cisco VPN Server?

31

25

What are the steps to connect to a Cisco VPN server using the ShrewSoft VPN Client?

It's important to note that there are different kinds of Cisco VPN connections:

  1. Cisco VPN with pre-shared key (IPSec)
  2. Cisco AnyConnect (SSL VPN)
  3. Cisco VPN with a .pcf file (IPSec)
  4. Cisco VPN with certificate (IPSec)

I have the detailed answer for 1., pre-shared key. I will be answering that myself.

I need a detailed answer for using ShrewSoft VPN as an alternative to Cisco AnyConnect.

I know the .pcf is easy; you can read about it.

For completeness the certificate version would be good.

Ian Boyd

Posted 2011-07-20T20:08:53.093

Reputation: 18 244

I have tried the answer by Ian Boyd and it has worked fine for me so far. Thanks, Ian. – amn – 2015-08-10T11:56:25.243

Since the ShrewSoft VPN client is an IPSec client, you aren't going to be able to use it for SSL VPNs (AnyConnect or otherwise). – fencepost – 2012-01-12T23:25:55.197

Did you ever find a way to do 2? – Asad Saeeduddin – 2014-05-16T20:22:50.880

Answers

61

1. Cisco VPN with pre-shared key

Assume you have been given connection information for a Cisco VPN server:

Host: 64.34.199.12

Group ID: SUPERVENDOR
Password: *318#($@

User ID: ian@superuser.com
Password: ianvendor1234

These are the steps to use ShrewSoft VPN to connect to the Cisco VPN server, rather than the Cisco client:

  1. Create a new connection, and under Host name or IP Address enter the Host address (64.34.199.12):

  2. On the Authentication tab, select Authentication Method of Mutual PSK + XAuth:

  3. On the Authentication -> Local Authentication tab select Identification Type of Key Identifier:

  4. Still on the Authentication -> Local Authentication tab, enter Key ID String of SUPERVENDOR:

  5. On the Authentication -> Credentials tab, enter your Pre Shared Key of *318#($@:

  6. Save the newly created connection, and click Connect

  7. When prompted for a username and password, enter your supplied User ID and Password, and click Connect:

Ian Boyd

Posted 2011-07-20T20:08:53.093

Reputation: 18 244
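
The settings chosen in steps 1 to 5, written out as the text-based site profile (`.vpn` file) that the ShrewSoft client saves; this is an added example, not part of the original answer, and the key names and the `type:key:value` line format are assumptions about that file format, so compare them with a profile exported from your own client. It also shows that the pre-shared key is only base64-encoded in the profile, so the file needs the same protection as the key itself.

```python
import base64

# Values from the answer's example connection information.
HOST = "64.34.199.12"
GROUP_ID = "SUPERVENDOR"
PSK = "*318#($@"


def build_site_profile(host, group_id, psk):
    """Render the settings from steps 1-5 as .vpn profile lines.

    Assumed line format: <type>:<key>:<value>, where type is
    n = number, s = string, b = base64-encoded binary.
    Only the keys the steps set are emitted; a real profile has more.
    """
    entries = [
        ("s", "network-host", host),               # step 1: Host name or IP
        ("s", "auth-method", "mutual-psk-xauth"),  # step 2: Mutual PSK + XAuth
        ("s", "ident-client-type", "keyid"),       # step 3: Key Identifier
        ("s", "ident-client-data", group_id),      # step 4: Key ID String
        ("b", "auth-mutual-psk",                   # step 5: Pre Shared Key
         base64.b64encode(psk.encode("utf-8")).decode("ascii")),
    ]
    return "\n".join(":".join(entry) for entry in entries) + "\n"


def parse_site_profile(text):
    """Parse profile text into {key: value}, decoding b: entries."""
    settings = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        # Split on the first two colons only; values may contain ':'.
        kind, key, value = line.split(":", 2)
        if kind == "n":
            settings[key] = int(value)
        elif kind == "b":
            settings[key] = base64.b64decode(value)
        else:
            settings[key] = value
    return settings


if __name__ == "__main__":
    profile = build_site_profile(HOST, GROUP_ID, PSK)
    print(profile, end="")
    # Anyone who can read the file can recover the group key:
    print(parse_site_profile(profile)["auth-mutual-psk"].decode("utf-8"))
```

The XAuth user name and password from step 7 are not part of this sketch, because the answer enters them at the connection prompt.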

Just a note for others -- in my company's setup there is an RSA soft-token. Upon initial setup the soft token's PIN needed to be reset. The Cisco version brought up the reset, the ShrewSoft VPN failed with a nondescript message. Once I reset the PIN from default, ShrewSoft works fine. – EBarr – 2015-05-05T00:12:25.810

We upgraded a few devices to Win10 and noticed that we couldn't use the old-school Cisco VPN anymore. I can verify that this method works 100%. Thanks a lot for providing this info. – lobi – 2015-09-17T16:09:28.700

What do you mean by group ID? Is it the group name? – alsadk – 2013-06-05T14:49:11.713

@alsadk Sure, why not. I'm not the one who decides Cisco's terminology; I'm just the one that wants them dead. – Ian Boyd – 2013-06-05T14:57:10.703

Thanks for the answer. I have a problem where the VPN connection is brought up and it looks like I can send data, but nothing is being routed back. Is there anything that needs to be done Windows (firewall) wise? (Windows 8.1 x64) Thanks, Sam – sambomartin – 2014-05-19T15:40:53.850