Differences

This shows you the differences between two versions of the page.

--- auth:howto:linux:vpnclient [2015/09/22 11:03] – kohofer
+++ auth:howto:linux:vpnclient [2020/04/21 11:52] – [Instructions for Linux using Openconnect Client (recommended)] kohofer
@@ Line 3: / Line 3: @@
 ===== Infos regarding the usage of VPN =====
-http://www.unibz.it/en/ict/ComputerInternet/network/vpn/default.html
+https://knowledge.scientificnet.org/workspace/#nd=ab7442f9-c4d0-4ffc-a4f7-1e0d84515cc9&ld=17f4d8ce-edff-4d42-ad33-d98e2cdebc35&ln=it
-==== Instructions for Windows 7 - 32bit and 64bit ====
+==== Instructions for MacOS X ====
-http://www.unibz.it/en/ict/ComputerInternet/network/vpn/InstallationWindows.html
+We recommend to download and install [[https://itunes.apple.com/en/app/cisco-anyconnect/id392790924?mt=8|Cisco AnyConnect]] from Apple Store for iOS and connect via Browser to https://vpn.scientificnet.org for Mac OSX
-==== Official Instructions for MacOS X ====
+=== Unsupported Instructions for MacOS X  and iOS - use at own risk! ===
-Use [[https://itunes.apple.com/en/app/cisco-anyconnect/id392790924?mt=8|Cisco AnyConnect]] from Apple Store or connect via Browser to https://vpn.scientificnet.org
-=== Unsupported Instructions for MacOS X  and iOS ===
 Download, unpack (doubleclick), then doupleclick the unpacked file to install it:
@@ Line 24: / Line 20: @@
   * change username to your username
   * click Connect and enter your password
+=== Uninstalling if installation is corrupt in MacOSx ===
+Uninstallation has to be done by running this command on terminal:
+sudo /opt/cisco/vpn/bin/vpn_uninstall.sh
+Should the uninstallation or reinstallation be corrupt, run this command on terminal:
+sudo pkgutil --forget com.cisco.pkg.anyconnect.vpn
 === Instructions for iOS 9 ===
@@ Line 44: / Line 51: @@
   - Enter Password if not already entered above
-===== Instructions for Linux vpnc Client (recommended) =====
+=== Instructions for Android 7 ===
+  - Press Settings
+  - Find VPN Settings, depends on Model
+  - Next click: Add VPN Configuration...
+    - **Name:** Unibz VPN
+    - **Type:** IPSec Xauth PSK
+    - **Server-Address:** vpn.scientificnet.org
+    - **IPSec Identifier:** Unibz
+    - **IPSec Pre-shared Key:** NrW2z9sj8g3kjJrzXxJwRPbIRNInWakL
+    - **Account:** <your-unibz-username>
+    - **Password:** <your-unibz-password> or leave empty to ask every time!
+  - Press Done
+  - Status: Slide Button to the right to connect
+  - Enter Password if not already entered above
+===== Instructions for Linux using openconnect Client (recommended) =====
+===== Installation =====
+Run this command to install openconnect client and OpenConnect plugin GNOME GUI
+  sudo apt install openconnect network-manager-openconnect network-manager-openconnect-gnome
+Once installed open Settings and go to Network, press + right of the VPN section.
+Select **Cisco AnyConnect Compatible VPN (openconnect)** and enter the details:
+**Details**
+  - Make available to other users: tick if you want to allow other users on your system to use the VPN
+**Identity**
+  - Name: VPN work (use a descriptive name)
+  - VPN Protocol: Cisco AnyConnect
+  - Gateway: vpn.scientificnet.org
+  - CA Certificate: download from here, not really necessary!
+The rest can be left as it is.
+**IPv4/IPv6**
+  - IPv4 Method: Automatic (DHCP)
+  - DNS: ON
+  - Routes: ON
+===== Instructions for Linux vpnc Client =====
 . Install vpnc
-  sudo aptitude install vpnc
+  sudo apt-get install vpnc
 . For Unibz:
@@ Line 73: / Line 129: @@
 IPSec obfuscated secret 06294C134E0BEBDA4B449B56BFD305D35D12DABF4044EDB6794926C2CA6D5AEDFE6342DF190E566EB11215DDC1591D5CB6ABEBEB593693C6D0B2077D78034B6AFEEA3221E77F4
 C9858DD711AA8DE58F6
-Xauth username <your-windows-login>
+Xauth username your-windows-login
+# e.g. Xauth username fmoser (not fmoser@unibz.it)
 #######################################
 </code>
@@ Line 97: / Line 154: @@
 IPSec ID Eurac
 IPSec obfuscated secret 56A1CD68CC3AD33B48DB0F727ADDBC0A354DE3287D15C8526ED4CEDE4BC2ACDD1BB2460BC2354671A405F6150EA7C294C4DBC4CF9FFE45873BECAD3A2A738C5053BE34F709D592B50AD5BC472CDFF350
-Xauth username <your-windows-login>
+Xauth username your-windows-login
+# e.g. Xauth username fmoser (not fmoser@eurac.edu)
 #######################################
 </code>
@@ Line 155: / Line 213: @@
 provides an updated / revised release of this script. Download the latest copy from [[http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script|here]].\\
 Replace the vpnc-script script that comes with the Ubuntu vpnc package: /etc/vpnc/vpnc-script
+----
+Access via ssh not possible, MTU value to high!
+In some cases the MTU value is too high, which results in an very strange
+situation: ping works, but ssh hangs at this point:
+...
+debug1: sending SSH2_MSG_KEX_ECDH_INIT
+debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
+There are 2 bug reports for this:\\
+https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1110787\\
+https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1254085
+and a possible solution/workaround for Linux Mint:
+https://community.hide.me/threads/setup-problem-on-linux-mint-17.1839/
+Check the current MTU value:
+  ip link | grep mtu
+Set MTU value on interface eth0 to 1392
+  /sbin/ifconfig eth0 mtu 1392
 ==== Decode Group Password ====
@@ Line 261: / Line 349: @@
 Per-user configuration is stored in your home directory in a file called .anyconnect
-===== Shrew Soft VPN Client Instructions for 32 or 64 bit version of Windows 2000, XP, Vista and 7 (recommened) =====
-. Go to http://www.shrew.net/home and download latest stable release of Shrew Soft VPN Client for Windows: http://www.shrew.net/download/vpn
-. Download unibz profile (need to login with unibz login&password)
-https://pro.unibz.it/vpn/profiles/unibz/Free%20University%20of%20Bozen-Bolzano.zip
-. Install Shrew Soft VPN Client for Windows
-. Start Shrew Soft VPN Client, unzip unibz profile and Import in VPN client