User Tools

Site Tools


auth:howto:linux:vpnclient

This is an old revision of the document!


VPN (Virtual Private Network) at the Free University of Bolzano/Bozen and EURAC

Infos regarding the usage of VPN

Instructions for Windows 7 - 32bit and 64bit

Instructions for MacOS X

There is no need to install a Client, simply download, unpack (doubleclick), then doupleclick the
unpacked file to install it:

vpn-scientificnet.org.networkconnect.zip

Under Network settings an new item should appear:

  • VPN (IPSec)
  • change username to your username
  • click Connect and enter your password

Instructions for MacOS X - via web

Open Browser and go to: https://vpn.scientificnet.org

Enter the necessary information and press login

Instructions for iOS 9

  1. Press Settings
  2. Choose General
  3. Nearly at the end, click VPN
  4. Next click: Add VPN Configuration…
    1. Type: IPSec
    2. Description: VPN Scientificnet
    3. Server: vpn.scientificnet.org
    4. Account: <your-unibz-username>
    5. Password: <your-unibz-password> or leave empty to ask every time!
    6. Group Name: Unibz
    7. Secret:
      NrW2z9sj8g3kjJrzXxJwRPbIRNInWakL
  5. Press Done in upper right corner of window
  6. Status: Slide Button to the right to connect
  7. Enter Password if not already entered above

1. Install vpnc

sudo aptitude install vpnc

2. For Unibz:

  • Create configuration file unibz.conf. Download from here: unibz.conf

2.a For Eurac:

  • Create configuration file eurac.conf. Download from here: eurac.conf
IPSec obfuscated secret needs to be on a single line.
Replace <your-windows-login> with your username.

For Unibz:

sudo vi /etc/vpnc/unibz.conf
#######################################
IPSec gateway vpn.unibz.it
IPSec ID Unibz
IPSec obfuscated secret 06294C134E0BEBDA4B449B56BFD305D35D12DABF4044EDB6794926C2CA6D5AEDFE6342DF190E566EB11215DDC1591D5CB6ABEBEB593693C6D0B2077D78034B6AFEEA3221E77F4
C9858DD711AA8DE58F6
Xauth username <your-windows-login>
#######################################

apply this rights:

sudo chmod 600 /etc/vpnc/unibz.conf

sudo chown root.root /etc/vpnc/unibz.conf
sudo ls -l /etc/vpnc/unibz.conf
-rw------- 1 root root 250 2009-05-02 15:54 /etc/vpnc/unibz.conf

For Eurac:

sudo vi /etc/vpnc/eurac.conf
#######################################
IPSec gateway vpn.scientificnet.org 
IPSec ID Eurac
IPSec obfuscated secret 56A1CD68CC3AD33B48DB0F727ADDBC0A354DE3287D15C8526ED4CEDE4BC2ACDD1BB2460BC2354671A405F6150EA7C294C4DBC4CF9FFE45873BECAD3A2A738C5053BE34F709D592B50AD5BC472CDFF350
Xauth username <your-windows-login>
#######################################

apply this rights:

sudo chmod 600 /etc/vpnc/eurac.conf

sudo chown root.root /etc/vpnc/eurac.conf
sudo ls -l /etc/vpnc/eurac.conf
-rw------- 1 root root 250 2009-05-02 15:54 /etc/vpnc/eurac.conf

3. Start vpnc

For Unibz:

sudo vpnc-connect --domain unibz unibz

This will first ask for your sudo password and then your <unibz-password>

For Eurac:

sudo vpnc-connect --domain eurac eurac

This will first ask for your sudo password and then your <eurac-password>

4. Stop vpnc

sudo vpnc-disconnect

Possible errors

If you get the following error: vpnc-connect: no response from target
try adding the line below to your configuration file (unibz.conf)

NAT Traversal Mode cisco-udp


When one attempts to connect to their VPN after installing and configuring vpnc on Ubuntu Oneiric,
the following error occurs:

root@ubuntu:~# vpnc-connect
Error: either "to" is duplicate, or "ipid" is a garbage.

It appears that the Ubuntu package vpnc comes with an old version of vpnc-script.
This script is what sets up all the addresses and routes for you. The OpenConnect project
provides an updated / revised release of this script. Download the latest copy from here.
Replace the vpnc-script script that comes with the Ubuntu vpnc package: /etc/vpnc/vpnc-script

Decode Group Password

Instructions for Linux Cisco AnyConnect Client

Installation

1. Open with your browser (tested with firefox 11.0) the following URL:

https://vpn.scientificnet.org

2. Enter your Username and password, then press Login

3. A “Warning - Security” Windows opens: This will install the Cisco AnyConnect Client
in /opt/cisco of your Platform.

4. Press Run on the “Warning - Security” Window

5. In order to install Cisco AnyConnect, Admin (sudo) rights are required; a Window opens,
enter your local password.

6. The Cisco AnyConnect is installed and running, you can close the URL.

Launching Cisco AnyConnect GUI

This allows you to connect and disconnect the VPN service.

/opt/cisco/anyconnect/bin/vpnui

Please note the vpnagentd must be running for this

  • ps auxww | grep vpn
root      1759  0.0  0.3  17984  7644 ?        S    12:58   0:00 /opt/cisco/anyconnect/bin/vpnagentd

Launching Cisco AnyConnect NON-GUI

This allows you to connect and disconnect the VPN service.

  • /opt/cisco/anyconnect/bin/vpn
Cisco AnyConnect Secure Mobility Client (version 3.0.5080) .

Copyright (c) 2004 - 2011 Cisco Systems, Inc.
All Rights Reserved.


  >> state: Disconnected
  >> state: Disconnected
  >> notice: Ready to connect.
  >> registered with local VPN subsystem.
VPN> connect vpn.unibz.it
connect vpn.unibz.it
  >> contacting host (vpn.unibz.it) for login information...
  >> notice: Contacting vpn.unibz.it.
VPN> 
  >> Please enter your username and password.
    0) clientless
    1) scientificnetwork
Group: [clientless] 

Username: <your-username>
Password: 
  >> state: Connecting
  >> notice: Establishing VPN session...
  >> notice: Checking for profile updates...
  >> notice: Checking for product updates...
  >> notice: Checking for customization updates...
  >> notice: Performing any required updates...
  >> state: Connecting
  >> notice: Establishing VPN session...
  >> notice: Establishing VPN - Initiating connection...
  >> notice: Establishing VPN - Examining system...
  >> notice: Establishing VPN - Activating VPN adapter...
  >> notice: Establishing VPN - Configuring system...
  >> notice: Establishing VPN...
  >> state: Connected
  >> notice: Connected to vpn.unibz.it.
VPN>exit

Uninstalling the AnyConnect Client

The client comes with an uninstallation script

  • sudo /opt/cisco/vpn/bin/vpn_uninstall.sh

However it doesn't actually uninstall everything properly, it removes files but leaves behind directories.
You can clean up what it leaves behind by deleting the directory /opt/cisco/ and /opt/.cisco/

  • sudo rm -r /opt/cisco /opt/.cisco

Per-user configuration is stored in your home directory in a file called .anyconnect

Shrew Soft VPN Client Instructions for 32 or 64 bit version of Windows 2000, XP, Vista and 7 (recommened)

1. Go to http://www.shrew.net/home and download latest stable release of Shrew Soft VPN Client for Windows: http://www.shrew.net/download/vpn

2. Download unibz profile (need to login with unibz login&password) https://pro.unibz.it/vpn/profiles/unibz/Free%20University%20of%20Bozen-Bolzano.zip

3. Install Shrew Soft VPN Client for Windows

4. Start Shrew Soft VPN Client, unzip unibz profile and Import in VPN client

/data/www/wiki.inf.unibz.it/data/attic/auth/howto/linux/vpnclient.1442836147.txt.gz · Last modified: 2019/01/16 10:03 (external edit)