Engineering-Tech Wiki

User Tools

Site Tools

You are here: start » auth » howto » linux » vpnclient
Trace:
auth:howto:linux:vpnclient

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
auth:howto:linux:vpnclient [2007/04/12 16:39] kohoferauth:howto:linux:vpnclient [2012/04/05 12:05] – [Instructions for Linux Cisco AnyConnect Client (recommened)] kohofer
Line 1: Line 1:
-===== VPN (Virtual Private Network) at the Free University of Bolzano/Bozen =====+====== VPN (Virtual Private Network) at the Free University of Bolzano/Bozen ======
  
-==== Infos regarding the usage of VPN ====+===== Infos regarding the usage of VPN =====
  
-http://www.unibz.it/ict/vpn/index.html?LanguageID=EN+http://www.unibz.it/en/ict/ComputerInternet/network/vpn/default.html
  
 +==== Instructions for Windows 2000, XP, VISTA and 7 - 32bit and 64bit ====
  
-==== Instructions for Windows 98, ME, NT 4.0, 2000 and XP ==== +http://www.unibz.it/en/ict/ComputerInternet/network/vpn/InstallationWindows.html
-http://www.unibz.it/ict/vpn/win/index.html?LanguageID=EN+
  
-==== Instructions for MacOS X 10.2-10.4 ==== +==== Instructions for MacOS X 10.4 ==== 
-http://www.unibz.it/ict/vpn/mac/index.html?LanguageID=EN+http://www.unibz.it/en/ict/ComputerInternet/network/vpn/InstallationMacOSX.html
  
-==== Instructions for Linux ====+==== Instructions for MacOS X 10.6 ====
  
-1. Download and install the kernel headers corresponding to the kernel in use. Some distributions name this package kernel-headersothers name it linux-headers:+There is no need to install a Clientsimply install (doubleclick) the\\ 
 +following file:
  
-    # sudo apt-get install kernel-headers-X.X.XX-X-XXX +{{:auth:howto:linux:unibz.networkconnect.zip|}}
-or +
-    # sudo apt-get install linux-headers-X.X.XX-XXX+
  
-Substitute the notation X.X.XX with the actual version of your kernel. +===== Instructions for Linux Cisco AnyConnect Client (recommened) =====
-You can get the version of your kernel by issuing the following command:+
  
-    # uname -a+=== Installation ===
  
-A valid version number could be, for example, 2.6.12-9-386.+1Open with your browser (tested with firefox 11.0) the following URL:
  
-2. Download and install the vpnclient:+https://vpn.scientificnet.org
  
-Substitute the notation X Z with your university network's username and password:+2. Enter your Username and password, then press **Login**
  
-wget --no-check-certificate --http-user=X --http-password=Z  +3. A "Warning Security" Windows opens: This will install the Cisco AnyConnect\\ 
-https://pro.unibz.it/vpn/client/common/linux/vpnclient-linux-x86_64-4.8.00.0490-k9.tar.gz+   in /opt/cisco of your System
  
 +4. Press **Run**
  
-3Untar the source of vpnclient and install it. +5In order to install Cisco AnyConnect, Admin (sudo) rights are required; a Window opens,\\ 
-   Depending on the Linux Distribution you might need to install ''make'' and ''gcc-3.4'' +   enter your local password.
-   apt-get install make gcc-3.4+
  
-    # tar xfz vpnclient-linux-4.7.00.0640-k9.tar.gz +6The Cisco AnyConnect is installed and running, you can close the URL.
-      +
-    # cd vpnclient +
-     +
-    # ./vpn_install+
  
-You will get some messages and you will be requested to answer to some questions: 
  
-    Directory where binaries will be installed [/usr/local/bin] +=== Launching Cisco AnyConnect GUI ===
-     +
-    Automatically start the VPN service at boot time [yes] +
-     +
-    Directory containing linux kernel source code [/lib/modules/X.X.XX-X-XXX/build]+
  
-You only have to modify the predefined answers if they do not correspond to your actual situation. +This allows you to connect and disconnect the VPN service.
-If everything works, you will see some compilation messages and then the installation program will stop.+
  
-4. Download the unibz.pcf configuration file from the site of the university. +  /opt/cisco/anyconnect/bin/vpnui
-Substitute the notation XXX ZZZ with your university network's username and password:+
  
-    # wget --no-check-certificate --http-user=XXX --http-password=ZZZ https://pro.unibz.it/vpn/Configuration/unibz.zip+=== Uninstalling the client AnyConnect ===
  
-5. Unzip the configuration file and copy it to the correct location:+The client comes with an uninstallation script
  
-    # unzip unibz.zip +  * $ sudo /opt/cisco/vpn/bin/vpn_uninstall.sh
-     +
-    # cp unibz.pcf /etc/opt/cisco-vpnclient/Profiles/.+
  
-6Initialize the vpnclient:+However it doesn't actually uninstall everything properly, it removes files but leaves behind directories.\\ 
 +You can clean up what it leaves behind by deleting the directory /opt/cisco/
  
-    # sudo /etc/init.d/vpnclient_init start+  * $ sudo rm -r /opt/cisco
  
-7You can now start the vpnclient using sudo:+Per-user configuration is stored in your home directory in a file called .anyconnect
  
-    $ sudo vpnclient connect unibz 
  
-You will see some messages and then you will be requested to insert your username and password:+More infos to come like using OpenConnect...
  
-    Cisco Systems VPN Client Version 4.8.00 (0490) 
-    Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved. 
-    Client Type(s): Linux 
-    Running on: Linux 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28 UTC 2006 i686 
-    Config file directory: /etc/opt/cisco-vpnclient 
  
-    Initializing the VPN connection. +===== Instructions for Linux vpnc Client (fails to work since update to Cisco ASA) =====
-    Contacting the gateway at 193.206.186.111 +
-    User Authentication for unibz...+
  
-    Enter Username and Password.+1Install vpnc
  
-    Username []: X +  sudo aptitude install vpnc
-    Password []: Z +
-    Authenticating user. +
-    Negotiating security policies. +
-    Securing communication channel.+
  
-    Your VPN connection is secure.+2. Create configuration file unibz.conf. 
 +   Please Note: IPSec obfuscated secret ... needs to be on a single line. Replace <your-windows-login> with your username.
  
-    VPN tunnel information+  sudo vi /etc/vpnc/unibz.conf 
-    Client address172.21.204.1 + 
-    Server address193.206.186.111 +<code> 
-    Encryption: 128-bit AES +####################################### 
-    AuthenticationHMAC-SHA +IPSec gateway vpn.unibz.it 
-    IP CompressionNone +IPSec ID Unibz 
-    NAT passthrough is active on port UDP 4500 +IPSec obfuscated secret 06294C134E0BEBDA4B449B56BFD305D35D12DABF4044EDB6794926C2CA6D5AEDFE6342DF190E566EB11215DDC1591D5CB6ABEBEB593693C6D0B2077D78034B6AFEEA3221E77F4 
-    Local LAN Access is disabled+C9858DD711AA8DE58F6 
 +Xauth username <your-windows-login> 
 +####################################### 
 +</code> 
 + 
 +apply this rights: 
 + 
 +  sudo chmod 600 /etc/vpnc/unibz.conf 
 +   
 +  sudo chown root.root /etc/vpnc/unibz.conf 
 + 
 +<code> 
 +sudo ls -l /etc/vpnc/unibz.conf 
 +-rw------- 1 root root 250 2009-05-02 15:54 /etc/vpnc/unibz.conf 
 +</code> 
 + 
 +3Start vpnc 
 + 
 +  sudo vpnc-connect unibz 
 + 
 +This will first ask for your sudo password and then 
 +you <windows-password> 
 + 
 +4Stop vpnc 
 + 
 +  sudo vpnc-disconnect 
 + 
 +===== Shrew Soft VPN Client Instructions for 32 or 64 bit version of Windows 2000, XP, Vista and 7 (recommened) ===== 
 + 
 +1. Go to http://www.shrew.net/home and download latest stable release of Shrew Soft VPN Client for Windows: http://www.shrew.net/download/vpn 
 + 
 +2. Download unibz profile (need to login with unibz login&password) 
 +https://pro.unibz.it/vpn/profiles/unibz/Free%20University%20of%20Bozen-Bolzano.zip 
 + 
 +3. Install Shrew Soft VPN Client for Windows 
 + 
 +4. Start Shrew Soft VPN Client, unzip unibz profile and Import in VPN client
  
-Please notice that you will have to leave the console open in order to have the VPN running. 
  
/data/www/wiki.inf.unibz.it/data/pages/auth/howto/linux/vpnclient.txt · Last modified: 2022/06/20 11:40 by kohofer