Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Client-management Digest, Vol 6, Issue 273

This is crazy odd. I just opened up the email to search on this very topic.
I've been playing around with this, and have a little info, although its not too positive.
The network preferences panel allows you to export your VPN settings, but I can't find a way to import from the CL.
What you get is a XML file with a .networkConnect extension. It looks about like what ends up in /Library/Preferences/SystemConfiguration/preferences.plist under a unique ID in the NetworkServices dictionary, except its in a standalone file that can be double clicked by the user to create the service. You might be able to add the info by hacking the SystemConfiguration plists, but I don't know how the dynamic store will react.
Digging into scutil (cl interface to the dynamic store) you can see that the dynamic store isn't having any of this IPSec hardware port thing. Thats some kind of virtual mapping that networksetup (And Network control panel) must be doing.
Looking at the interface dictionary for the service, you only get the Type tag (IPSec), as opposed to the Ethernet service dictionary which displays Hardware, UserDefinedName, DeviceName, and Type.
Whatever magic is going on there is not exposed via networksetup.
I was hoping to find an easy way to import the networkConnection file, but so far no dice. Google laughs at me.
Its possible that scutil (or digging further the framework <SystemConfiguration/SystemConfiguration.h>) can give you enough raw control to create your own setup, but that will take more research. 

--DH


On Nov 2, 2009, at 12:02 PM, email@hidden wrote:

From: "Walck, Nathan Alan" <email@hidden>
Date: November 2, 2009 8:19:41 AM PST
Subject: 10.6 Cisco IPSec VPN setup from commandline


I'm trying to figure out a way to setup a Cisco IPSec vpn from the  
commandline using the networksetup command.  When you do sudo  
networksetup -listnetworkserviceorder it shows:

(7) VPN (Cisco IPSec)
(Hardware Port: IPSec, Device: )

But when you try this command:

sudo networksetup -createnetworkservice VPN IPSec

It returns:
IPSec is not a valid hardware port name.
** Error: The parameters were not valid.

Clearly the system knows that IPSec is a valid hardware port, so  
perhaps networksetup wasn't updated to reflect the system change?  Any  
ideas?  I need to be able to set this up from commandline...doing it  
through the GUI is not an option.

Thanks

Nate

Daniel S. Hoit
Lawrence Livermore National Laboratory
phone: 925-424-5256
 

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Client-management mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/client-management/email@hidden

This email sent to email@hidden


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.