Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

vpn_notes

Differences

This shows you the differences between two versions of the page.

vpn_notes [2013/04/05 08:15] juckins | vpn_notes [2015/03/17 13:44] (current) juckins
Line 1: Line 1:
-Cisco Anyconnect VPN Client installs okay for 32 bit version on a 32 bit machine +__Using CentOS VPNC, OpenVPN and Network Manager to get VPN services__
- +
-The 64 bit version does not work - connection gives error message. +
- +
-To install the 32 bit on a 64 bit machine, you need to do the following: +
- +
-yum install libxml++.i686 atk.i686 gtk2.i686 +
- +
-Then when starting the vpn /opt/cisco/vpn/bin/vpnui you will still get some error messages going by but it works. +
- +
-An alternative is to use OpenVPN. +
- +
----- +
- +
-The older Cisco VPN client does not install.  It gives a failed to make module "cisco_ipsec.ko"+
- +
-**Instead, use CentOS VPNC, OpenVPN and Network Manager to get VPN services.**+
  
 First enable EPEL repo using one of these links: First enable EPEL repo using one of these links:
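
Review bot: The new heading on the first added line replaces the only explanation of why the Cisco clients are not used (the 64-bit AnyConnect connection error and the failed cisco_ipsec.ko module build). Keep one sentence of that rationale under the heading so readers do not retry the Cisco installers, and add openconnect to the heading, since this revision installs and uses it further down.
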
Line 53: Line 37:
 </code> </code>
  
-Then yum install NetworkManager*.  This command should install *vpncand *openvpn* but double-check to be sure. +Then
 + 
 +yum -y install NetworkManager* 
 +yum -y install *vpn* 
 +yum -y install openconnect*
  
 Then go to network manager or right-click the network icon in the task bar and add a new connection, VPN.  Then go to network manager or right-click the network icon in the task bar and add a new connection, VPN. 
  
 Enter all the appropriate settings as given by work and then __reboot the machine__ otherwise your configuration will not save and you will get an error "no valid VPN secrets". Enter all the appropriate settings as given by work and then __reboot the machine__ otherwise your configuration will not save and you will get an error "no valid VPN secrets".
 +
 +----
 +
 +To connect to a Cisco AnyConnect VPN server, use openconnect as listed above.  Reboot the computer after installing the VPN packages and set up the connection entering the IP address for the Gateway.  
 +
 +----
 +
 +The ntpd service may not be able to connect to time servers; remember to update /etc/ntp.conf and possible /etc/ntp/step-tickers with time sources that are reachable when the machine has the VPN connected.
 +
 +----
 +
 +[[http://www.debuntu.org/how-to-connect-to-a-cisco-vpn-with-vpnc/ Cisco VPN with VPNC (Ubuntu and Debian)]]
 +
 +----
 +
 +Notes from Scalio:
 +
 +  * Install the vpnc rpm and any dependencies, if not already installed.
 +  * As root, use visudo to add the following entries to the sudoers file without the surrounding "<>":
 +
 +        <your user name>   ALL=(root) NOPASSWD: /usr/sbin/vpnc
 +        <your user name>   ALL=(root) NOPASSWD: /usr/sbin/vpnc-disconnect
 +
 +  * As root, create a vpn configuration file (I called mine myvpn.conf) in /etc/vpnc containing the following:
 +
 +        IPSec gateway XXX.XXX.XXX.XXX
 +        IPSec ID XXX
 +        IPSec secret XXXXXXXXX
 +        Xauth username <your user name>
 +        Xauth password <your password>
 +
 +  * Change file permissions on your vpnc configuration file to 600.
 +  * Copy the two attached files to some place in your path.  I put them in ~/bin.  Make sure you they both have execute permission.
 +  * Use the scripts to start/stop VPN sessions.  I use this from inside a VirtualBox Linux guest.  Occasionally, your vpn sessions will terminate without any notification.  If you aren't getting a response from an established session, you can just do "start_vpnc" again and you shouldn't even get kicked out of any remote terminal sessions you have running.
 +
 +<code>
 +#!/bin/bash
 +# start_vpnc.bash
 +sudo /usr/sbin/vpnc --natt-mode cisco-udp myvpn
 +
 +
 +#!/bin/bash
 +# stop_vpnc.bash
 +sudo /usr/sbin/vpnc-disconnect
 +</code>
  
 ---- ----
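
Review bot: The two added sudoers lines grant NOPASSWD on /usr/sbin/vpnc with no argument list, so that account can run vpnc as root with any options or configuration file it chooses, not only the myvpn profile. Pin the entry to the exact command line the start script runs, `/usr/sbin/vpnc --natt-mode cisco-udp myvpn`, and leave the vpnc-disconnect entry as it is. Separately, `yum -y install *vpn*` with EPEL enabled installs every package whose name matches, without confirmation, so list the packages actually needed by name. The configuration file also stores the Xauth password in clear text; vpnc prompts for it when that line is omitted, which is worth saying next to the chmod 600 step.
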
Line 69: Line 102:
   * [[http://pkgs.repoforge.org/kvpnc/]]   * [[http://pkgs.repoforge.org/kvpnc/]]
  
----- 
- 
-To connect to a Cisco AnyConnect VPN server, use the linux package "OpenConnect" The packages are listed in the bash script above.  Reboot the computer and set up the connection entering the IP address for the Gateway.   
  
vpn_notes.1365164131.txt.gz · Last modified: 2013/04/05 08:15 by juckins