Posts tagged ‘ShrewSoft’

Windows 7 64 bit VPN Client – ShrewSoft

Ok, so I couldn’t get Cisco’s VPN client to work for Windows 7 64 bit. So I went in search of another VPN solution that would be more compatible.

(UPDATE: I got ShrewSoft’s VPN Client working, so keep reading down below.)

I came across ShrewSoft’s VPN Client a while ago, but it originally blue screened my Windows 7 box, but it was a version that didn’t support Windows 7. However they have a new version that is out that is for Windows 7 64 bit. Actually they now have a release version on their download site but there is a beta of the next version (Update 3/05/2010)2.1.6-beta-6 that your may want to use (or a later version if you are reading this well after I wrote or updated it). See the comments on why.

I installed it and it requested a reboot so I rebooted, and the first good news is that I didn’t blue screen when my workstation booted up. Horray!!!

After installing, I tested undocking my laptop from its docking station and then docking my laptop, and again, no blue screens, so I think it is good to go. Now I just have to figure out how to configure it to connect here at work.

I like the license, they say:

The Shrew Soft Client for Windows is free for both commercial and private use. Please read below for complete license details. Click here…

Stay tuned for more testing….

Ok…I am back for more notes.

At work we are using a Cisco VPN solution, so it turns out that when my Cisco VPN would install on a 32 bit machine, it used a .pcf file. Well, guess what is awesome about ShrewSoft’s VPN Client? It can import a .pcf file.

I imported the .pcf file and I appear to connect, then disconnect. Not sure what is going on. I am at work, but I should be able to connect to the VPN while at work, at least that is what my IT staff said.

So hopefully it connects when I am at home.

Here is my log:

config loaded for site ‘MyConfig.pcf’
configuring client settings …
attached to key daemon …
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel …
network device configured
tunnel enabled
session terminated by gateway
tunnel disabled
detached from key daemon …

I will try to debug later…

All right I am back again and I am trying to debug. I found this post:
http://lists.shrew.net/pipermail/vpn-help/2009-October/002282.html

There is a program under Start | All Programs | Shrew Soft VPN Client called “Trace Utility” that is installed with the Shrew Soft VPN Client can be used for debugging. However, it wouldn’t work for me. The buttons weren’t enabled.

I had to right-click on the “Trace Utility” shortcut and choose “Run as administrator” then I was able to turn on debugging.

Positives for Shrew Soft VPN Client
– It has a debugging utility.
– It supports Windows 7 64 bit
– It imports cisco .pcf files.
– There is a lot of documentation.

Negatives for Shrew Soft VPN Client
– I don’t have it working yet
– There is not really any clear failure reason for a user.

So I will keep at it. I think I am about going to email the developer, but I sure don’t want to bug him.

Hopefully for some of you, it worked first time for you when you imported the .pcf file.

Got it working

Another positive. The developer has a mailing list, as you saw with one of my links above. I found this link:
http://lists.shrew.net/pipermail/vpn-help/2009-October/002275.html

The key piece of information I needed was this:

If it gets to the ‘tunnel enabled’ point, that means you completed phase1, Xauth and modecfg negotiations. Its probably a phase2 option. As I mentioned to others on the list, try playing with the PFS setting or enabling the cisco-udp NAT-T option.

In the tool, after importing my .pcf file, I only had to make one configuration change. I had to change the PFS setting to “group 2”. See this screen shot.

VPN Setting

So I have this working now.

I have to say that I am very impressed with Shrew Soft. It took me some time to figure it out, but it works. Now the only question time will tell is how stable it is. Expect an update in a week or two about whether I think the Shrew Soft VPN Client is stable.

The steps are easy for me to connect to my VPN at work. Now every VPN is different so I am sorry if these steps don’t work for you:

  1. Use the correct (and latest) version: 2.1.6-beta-6 or later
  2. Install Shrew Soft VPN Client
  3. Reboot.
  4. Import the .pcf file.
  5. Modify the configuration and change the PFS setting to “group 2”.
  6. Apply the configuration.
  7. Click connect.
  8. Enter your domain user and password and you will connect.

Success!!!!

Also, I exported my configuration as a Shrew Soft VPN Client export, which is a .VPN file. When I import it, I don’t have to make a configuration change like I did with the Cisco .pcf file.

Key words: cisco vpn window 7 64 bit