48. Chapter - VPN with the NCP Secure Entry macOS Client

The NCP Secure Entry macOS Client is sold through several distributors. A 30-day trial version can be downloaded from the homepage of NCP.

Prepare the Intra2net system for a connection with VPN clients first as described in Section 44.2, „Preparing the configuration on the Intra2net system“. After that the complete configuration for the client can be generated by the Intra2net system as described in Section 44.3, „Automatic configuration for clients on the Intra2net system“.

Transfer the configuration file thus created to the macOS device, e.g. as an email attachment. Give the user the password that protects the private key in another way, e.g. personally on site. For security reasons, do not send this password by email.

Then proceed as follows on the macOS device to import the configuration:

  1. The configuration consists of several individual files and is transferred packed as a ZIP file. Open the ZIP file in the file manager of macOS and unpack all contained files into a directory.

  2. Start the VPN client and go to the menu NCP Secure Entry Client > Profiles.

  3. Click on Import and select the INI file that was just extracted.

  4. Click on Next to import the profile. The profile should import successfully.

  5. The profile overview now contains the new profile.

  6. Next, the file with the certificate of the Intra2net system must be copied. This was contained in the previously unzipped ZIP file and has the external DNS host name of the Intra2net system with the extension .pem as file name.

    Copy them with the macOS file manager into the directory Library/Application Support/NCP/Secure Client/cacerts.

  7. Next, the file with the private key for the client must be copied. This was contained in the previously unpacked ZIP file and has the name of the connection with the extension .p12.

    Copy them into the directory Library/Application Support/NCP/Secure Client/certs.

You can now establish the connection by flipping the switch symbol in the NCP client.

To establish the connection, the password that protects the private key must be entered. This password was configured when the connection was created on the Intra2net system.