Search Google Appliance

Home >> Network >> Vpn >> Macosx native >> Configuring the native VPN client on macOS

Configuring the native VPN client on macOS

MacOS provides native support for connecting to the IT Services Cisco-based VPN service. Please note that IT Services support the current and two previous versions of macOS only; for details of supported versions please refer to the Apple Mac Support page.

This document contains instructions on how to configure the native VPN client that comes with macOS. In order to use the VPN service you will also need to have the necessary Remote Access Services username and passwords - for details see the main IT Services VPN Service page.

Please make sure that you have read the introduction and general requirements, which apply to all VPN clients, before attempting to configure your computer or mobile device to connect to the VPN.

1. Requirements

There are a number of requirements necessary in order to use the VPN service on Apple Macintoshes; these are detailed below.

  • Your computer must be running a supported version of macOS (see Apple Mac Support page for details).
  • You computer must already have a connection to the Internet (e.g. via NTL, Compuserve, broadband, ADSL, etc., etc.)
  • You must have a Remote Access Services account.
  • You must be able to log on as an Administrator of your Mac.

2. Obtaining the prerequisite information for configuring the inbuilt VPN client

As part of the process of configuring the inbuilt VPN client you will need to supply some group configuration information. Members of Oxford University can download a file containing this information from the IT Services Self-Registration Software Registration and Downloads web page. Once on this page select VPN client from the list. On the next page that appears select VPN shared credentials. A window containing the information should now pop up on your desktop. Make a note of the IPSec secret as you will need this information later on (it will be referred to as the shared secret) and then close the window using the close window link.

You have now obtained the information that you need from the Self-registration web pages.

3. Configuring and using the inbuilt VPN client

To use the macOS inbuilt support for Cisco VPN you will first need to open [System Preferences], which you can do from the dock, the [Apple] menu or by finding it in the Applications folder.


System preferences screen

From the [System Preferences] window click the Network icon to bring up the Network window.


Network screen

Click the + at the bottom of the left hand pane to bring up a dialogue window to add a new network interface. Within the dialogue window make the follow changes:

  • set the Interface drop down menu to VPN
  • set the VPN type drop down menu to Cisco IP Sec
  • change the Service Name field to something that is meaningful to you, eg VPN (OUCS)


add a new network interface screen

Finally, click the Create to add the new interface. This will return you to the Network window with the newly added interface ready to configure. To configure the interface make the following changes:

  • set the Server Address field to
  • set the Account name and Password fields to your remote access account name and password


Network screen showing configuration fields

Next click the Authentication Settings... button to bring up another dialogue window which requires the following information:

  • click the Shared secret radio button and fill in the text field using the information that you obtained earlier
  • set the Group Name field to oxford


Authentication settings

Click the OK button to return to the Network window. If you are likely to use the VPN client regularly you may want to include the status of the VPN connection in your menu bar. If you do want to do this you must tick the check box labelled Show VPN status in menu bar.

Finally, click the Apply button to complete the configuration for this new VPN interface. The new interface should now appear in the left hand pane indicated by a locked padlock icon. Note that the status of the interface will show as Not connected.


New interface showing in side panel

To make a connection to the VPN service simply click the Connect found on the Network window. (This can be found underneath the Authentication Settings... button.) Once the connection has been established the Network window will show that the status of the VPN interface has changed to Connected and it will display the connect time and the IP address.

4. Connecting to the IT Services VPN service using the inbuilt VPN client

Once you have configured a network interface on your Mac to connect to the IT Services VPN service you can make a VPN connection whenever you need to. To connect via the inbuilt client:

  • Open [System Preferences]
  • Click the Network icon to switch to the Network window
  • Select the VPN connection you configured previously (in this example called VPN (OUCS)) in the left hand pane
  • Click the Connect button (found underneath the Authentication Settings... button)

Do remember to disconnect from the VPN service once you no longer need it by clicking the Disconnect button within the Network window.

Alternatively, if you chose to include the status of the VPN connection in your menu bar by ticking the box labelled Show VPN status in menu bar during the configuration process you can connect and disconnect using the VPN icon in the top menu bar. Look for the VPN icon in the top menu bar and click the icon to bring up the drop down menu.



Simply choose the [Connect] option from this menu to make a VPN connection. You can also use this menu to disconnect your session once you no longer need it.

5. Further Information

For information on firewalls and IP address allocations refer to the IT Services VPN Service technical details page.

If you have problems with the inbuilt client you may be advised to use the Cisco AnyConnect Client. Instructions are available from the Configuring the AnyConnect Client on Mac OS X Systems page.


Service area: 

Written by IT Services. Latest revision 6 April 2020