Cisco Systems OL-5490-01 manual Installing the VPN Client, Authentication

Page 24

Chapter 2 Installing the VPN Client

Bundling a Root Certificate with the Installation Package for Darwin

Bundling a Root Certificate with the Installation Package for Darwin

To use mutual authentication, the VPN Client computer must have a root certificate installed. You can bundle a root certificate with the installation package so that the root certificate is installed automatically. The following steps place a root certificate with the installation package. The root certificate is contained in a file. The name of the file must be rootcert with no extension.

Step 1 In the GUI, double-click vpnclient-darwin-<version>-K9.dmgor using the CLI, open vpnclient-darwin-<version>-K9.dmg.

Step 2 In the GUI, drag and drop the root certificate into the CiscoVPNClient folder on the desktop, making sure the file is renamed to rootcert or using the CLI, enter the following command.

cp -f <path_to_root_cert>/<root_cert_filename> /Volumes/CiscoVPNClient

Step 3 In the GUI, press <Apple>-Ewhile focusing on the CiscoVPNClient folder or using the CLI, enter the following command.

umount /Volumes/CiscoVPNClient

Installing the VPN Client

The following sections describe how to install the VPN Client software. The VPN Client for Mac OS X installer program installs, by default, both the graphical user interface and the command-line version of the VPN Client. However, you are not required to install the GUI. See the “Choosing the Installation Type” section on page 2-8for more information.

Note We recommend that you uninstall any previous version of the VPN Client for Mac OS X before you install a new version. For more information, see “Uninstalling the VPN Client” section on page 2-12.

Authentication

Before you can start the installation process, you must show that you have installation privileges.

Step 1 Open the installer package by double-clicking the Cisco VPN Client.mpkg file that resides in the installer directory. (See Figure 2-2).

The Authorization window appears (Figure 2-3). You must have an administrator password to install the VPN Client application.

VPN Client User Guide for Mac OS X

2-4	OL-5490-01

Image 24

Contents VPN Client User Guide for Mac OS VPN Client User Guide for Mac OS N T E N T S Authentication Changing the Password on a Personal Certificate Notifications Contents AudienceRelated Documentation TerminologyDocument Conventions Obtaining Documentation Data FormatsCisco.com Documentation CD-ROMObtaining Technical Assistance Ordering DocumentationDocumentation Feedback Technical Assistance Center Cisco TAC WebsiteObtaining Additional Publications and Information Cisco TAC Escalation CenterUnderstanding the VPN Client Connection TechnologiesVPN Client Overview VPN Client Features Program FeaturesAdministrator Guide Authentication Features IPSec FeaturesVPN Client IPSec Attributes IPSec Attribute DescriptionXauth OL-5490-01 Verifying System Requirements Gathering Information You NeedPreconfiguring the VPN Client Obtaining the VPN Client SoftwarePreconfiguring the User Profile Preconfiguring the Global ProfileInstalling the VPN Client AuthenticationAuthorization Window VPN Client Installation Process IntroductionAccepting the License Agreement Selecting the Application DestinationChoosing the Installation Type Select Destination WindowEasy Install Window 10 Install Software Progress Window 11 Successful Installation Confirmation Window Uninstalling the VPN Client CLI Version Install Script NotesSudo /usr/local/bin/vpnuninstall Enter your password OL-5490-01 Navigating the User Interface VPN Client MenuChoosing a Run Mode Operating in Simple ModeVPN Client Window-Simple Mode Main Menus-Simple Mode Connection Entries MenuStatus Menu Operating in Advanced Mode VPN Client Window-Advanced ModeToolbar Action Buttons-Advanced Mode Main Tabs-Advanced ModeMain Menus-Advanced Mode Connection Entries MenuCertificates Menu 10 Status MenuRight-Click Menus Log MenuConnection Entries Tab Right-Click Menu 14 Connection Entries Right-Click MenuCertificates Tab Right-Click Menu 15 Certificates Tab Right-Click MenuConfiguring Connection Entries Creating a Connection EntryVPN Client Window Authentication Methods Group AuthenticationMutual Group Authentication Certificate AuthenticationCertificate Authentication Transport Settings Transport ParametersEnable Transport Tunneling Transparent Tunneling ModeAllow Local LAN Access Backup Servers Peer Response TimeoutEnter the hostname or IP address of the backup server to add Configuring Connection Entries Backup Servers Checking Prerequisites Establishing a Connection2shows the VPN Client window in simple mode Choosing Authentication Methods Connecting to a Default Connection EntryShared Key Authentication VPN Group Name and Password Authentication Radius Server AuthenticationSecurID Authentication User Authentication for RadiusUsing Digital Certificates User Authentication for RSA SecurIDUsing the Certificate Store Enrolling and Managing CertificatesEnrolling Certificates Certificate StoreOnline Certificate Enrollment Entry Field Description Managing Enrollment Requests Viewing the Enrollment RequestDeleting an Enrollment Request Changing the Password on an Enrollment Request Retrying an Enrollment RequestImporting a Certificate Viewing a CertificateCertificate Properties Exporting a Certificate Whether the export is successfulDeleting a Certificate Successful Export Prompt11 Password Prompt for Deleting Enrollment Certificates Verifying a CertificateChanging the Password on a Personal Certificate Managing Connection Entries Importing a Connection EntryModifying a Connection Entry Import VPN ConnectionConnection Entry Settings Deleting a Connection EntryEnable Logging Event LoggingClear Logging Set Logging OptionsLog Class Description Module Opening the Log Window Logging LevelsViewing Statistics Log WindowTunnel Details Field DescriptionCisco VPN Client Administrator Guide lists all Route DetailsNotifications Statistics Window-Route Details10 Notifications Window D E IN-2 IN-3 IN-4 IN-5 IN-6 IN-7 IN-8