I have tried wine, but it crashes before finishing the installation. So I switched to virtualbox, installed the cisco vpn client there, and ssh into the guest win7 os. My question is:

  1. Is there a better (more lightweight) way of doing this?
  2. If I want to stick with the virtualbox solution, is there a way to channel web traffic also through ssh? There are content that are only available through this vpn.

I have a linux and an osx machine.


I had a look at the cisco folder and it contains a folder called certificates:

├── Certificates
│   ├── 1126
│   ├── caaaaaaa.cdx
│   ├── caaaaaaa.dbf
│   ├── caaaaaaa.fpt
│   ├── cbaaaaaa.cdx
│   ├── cbaaaaaa.dbf
│   ├── cbaaaaaa.fpt
│   ├── ccaaaaaa.cdx
│   ├── ccaaaaaa.dbf
│   ├── ccaaaaaa.fpt
│   ├── cdaaaaaa.cdx
│   ├── cdaaaaaa.dbf
│   ├── cdaaaaaa.fpt
│   ├── paaaaaaa.cdx
│   ├── paaaaaaa.dbf
│   ├── paaaaaaa.fpt
│   ├── pbaaaaaa.cdx
│   ├── pbaaaaaa.dbf
│   ├── pbaaaaaa.fpt
│   ├── pcaaaaaa.cdx
│   ├── pcaaaaaa.dbf
│   ├── pcaaaaaa.fpt
│   ├── pdaaaaaa.cdx
│   ├── pdaaaaaa.dbf
│   ├── pdaaaaaa.fpt
│   ├── raaaaaaa.cdx
│   ├── raaaaaaa.dbf
│   ├── raaaaaaa.fpt
│   ├── rbaaaaaa.cdx
│   ├── rbaaaaaa.dbf
│   ├── rbaaaaaa.fpt
│   ├── rcaaaaaa.cdx
│   ├── rcaaaaaa.dbf
│   ├── rcaaaaaa.fpt
│   ├── rdaaaaaa.cdx
│   ├── rdaaaaaa.dbf
│   ├── rdaaaaaa.fpt
│   ├── rsadb.cdx
│   └── rsadb.dbf
  • Why not use the Cisco AnyConnect VPN client for Mac? Or the Mac's built-in VPN client, which should work with older Cisco VPN's.
    – jimtut
    Commented Aug 8, 2014 at 18:08
  • My institute provides a windows-only cisco vpn client binary which has everything configured. They don't want to tell me how it's configured, so I am stuck there.
    – qed
    Commented Aug 8, 2014 at 19:39
  • Is it the newer "AnyConnect" client, or the older client (can't remember the name)? With the older client, you can download the mac client and copy the PCF from from the official PC config and load on the Mac. Haven't figure out how to do that w/ the AnyConnect client though.
    – jimtut
    Commented Aug 8, 2014 at 19:44
  • It's just called cisco vpn client. Login requires a RSA securityID device. But I got your hint, I am looking around for an option for exporting settings, will update my question later, thanks!
    – qed
    Commented Aug 8, 2014 at 21:12
  • @jimtut I updated my findings, any new ideas? I tried to export my certificates through the gui, it didn't allow me.
    – qed
    Commented Aug 8, 2014 at 23:51

3 Answers 3


Copying some of my comments into an Answer, as it seemed to solve the problem.

For the old Cisco VPN Client (prior to the AnyConnect client), you can install the Mac (or Linux?) version of the client, and copy over the PCF file from the provided Windows client. You do need a PC for that step.

You can also decode the group password (from the provided PCF file), and enter that into many Cisco-compatible VPN clients.

  • Look into the app folder of cisco vpn client, there is a profile folder inside it, which contains a xxxxx.pcf file.
  • Open this pcf file with a text editor, you should see something like this:

    [main] Description=xxxxx Host=xxxxxx AuthType=1 GroupName=xxxxxxx GroupPwd= enc_GroupPwd=xxxxxxx EnableISPConnect=0 ISPConnectType=0 ISPConnect=

  • Decode group password enc_GroupPwd here: https://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode

  • Using host as the gateway, GroupName as group name, and the decoded group password, you can configure network manager in both linux and osx to connect correctly to your company's vpn!

On linux you may need to do something like:

sudo apt-get install network-manager-vpnc-gnome


sudo apt-get install network-manager-openvnc-gnome

On osx mavericks the function is built-in, just open network preference and set up a new vpn connection.


Yes, there is better way and it is to use linux clients. Here you can find examples how to configure OS X or Ubuntu linux to connect to Cisco VPN.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .