Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

vpn_notes

Differences

This shows you the differences between two versions of the page.

vpn_notes [2013/09/25 16:23] juckins
vpn_notes [2015/03/17 13:44] (current) juckins
Line 37: Line 37:
 </code> </code>
  
-Then yum install NetworkManager*.  This command should install the *vpncand *openvpn* packages but double-check with "rpm -qa" to be sure. +Then
 + 
 +yum -y install NetworkManager* 
 +yum -y install *vpn* 
 +yum -y install openconnect*
  
 Then go to network manager or right-click the network icon in the task bar and add a new connection, VPN.  Then go to network manager or right-click the network icon in the task bar and add a new connection, VPN. 
  
 Enter all the appropriate settings as given by work and then __reboot the machine__ otherwise your configuration will not save and you will get an error "no valid VPN secrets". Enter all the appropriate settings as given by work and then __reboot the machine__ otherwise your configuration will not save and you will get an error "no valid VPN secrets".
 +
 +----
 +
 +To connect to a Cisco AnyConnect VPN server, use openconnect as listed above.  Reboot the computer after installing the VPN packages and set up the connection entering the IP address for the Gateway.  
 +
 +----
 +
 +The ntpd service may not be able to connect to time servers; remember to update /etc/ntp.conf and possible /etc/ntp/step-tickers with time sources that are reachable when the machine has the VPN connected.
 +
 +----
 +
 +[[http://www.debuntu.org/how-to-connect-to-a-cisco-vpn-with-vpnc/ Cisco VPN with VPNC (Ubuntu and Debian)]]
 +
 +----
 +
 +Notes from Scalio:
 +
 +  * Install the vpnc rpm and any dependencies, if not already installed.
 +  * As root, use visudo to add the following entries to the sudoers file without the surrounding "<>":
 +
 +        <your user name>   ALL=(root) NOPASSWD: /usr/sbin/vpnc
 +        <your user name>   ALL=(root) NOPASSWD: /usr/sbin/vpnc-disconnect
 +
 +  * As root, create a vpn configuration file (I called mine myvpn.conf) in /etc/vpnc containing the following:
 +
 +        IPSec gateway XXX.XXX.XXX.XXX
 +        IPSec ID XXX
 +        IPSec secret XXXXXXXXX
 +        Xauth username <your user name>
 +        Xauth password <your password>
 +
 +  * Change file permissions on your vpnc configuration file to 600.
 +  * Copy the two attached files to some place in your path.  I put them in ~/bin.  Make sure you they both have execute permission.
 +  * Use the scripts to start/stop VPN sessions.  I use this from inside a VirtualBox Linux guest.  Occasionally, your vpn sessions will terminate without any notification.  If you aren't getting a response from an established session, you can just do "start_vpnc" again and you shouldn't even get kicked out of any remote terminal sessions you have running.
 +
 +<code>
 +#!/bin/bash
 +# start_vpnc.bash
 +sudo /usr/sbin/vpnc --natt-mode cisco-udp myvpn
 +
 +
 +#!/bin/bash
 +# stop_vpnc.bash
 +sudo /usr/sbin/vpnc-disconnect
 +</code>
  
 ---- ----
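Review bot: The two sudoers entries in the Scalio notes grant NOPASSWD on /usr/sbin/vpnc with no argument list, so sudo will run vpnc as root with whatever options the user supplies, not only the myvpn profile that start_vpnc.bash uses. Pin the entry to the exact command line the script runs, e.g. `<your user name>   ALL=(root) NOPASSWD: /usr/sbin/vpnc --natt-mode cisco-udp myvpn`. The configuration file holds the IPSec secret and the Xauth password in clear text and is only set to 600 in a later bullet, so create it under umask 077 and confirm it is owned by root, or leave out the Xauth password line and let vpnc prompt for it. The added `yum -y install *vpn*` line also replaces the old advice to double-check with "rpm -qa": the wildcard together with -y installs every matching package without confirmation, so name the packages explicitly or keep the verification step.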
Line 53: Line 102:
   * [[http://pkgs.repoforge.org/kvpnc/]]   * [[http://pkgs.repoforge.org/kvpnc/]]
  
----- 
- 
-To connect to a Cisco AnyConnect VPN server, use the linux package "OpenConnect" The packages are part of the NetworkManager* group.  Reboot the computer after installing the VPN packages and set up the connection entering the IP address for the Gateway.   
  
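Review bot: The removed paragraph said the OpenConnect packages are part of the NetworkManager* group, while the relocated text only says "use openconnect as listed above". The added `yum -y install openconnect*` glob matches only names that start with openconnect, so it would not pick up a plugin package such as NetworkManager-openconnect; state in the new paragraph that the NetworkManager integration comes from the `NetworkManager*` line, so a reader who copies only the openconnect line knows why the VPN type may be missing from the connection editor.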
vpn_notes.1380140605.txt.gz · Last modified: 2013/09/25 16:23 by juckins