LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-29-2005, 03:43 PM   #1
nilleso
Member
 
Registered: Nov 2004
Location: ON, CANADA
Distribution: ubuntu, RHAS, and other unmentionables
Posts: 372

Rep: Reputation: 31
vpnc - please Help vpn connection



I've been putting off migrating from kernel 2.4 to 2.6 because of multiple failed attempts at getting my corporate VPN connection working. I could only get it working with 2.4.25 and cisco's vpnclient 4.0.5b

I made the plunge (2.6.12-r8) ... but after much work, I've given up on getting cisco's vpnclient (any version) to work. So I've been trying to get vpnc working instead... and I guess because I'm no networking guru - I'm not having any luck. vpnc documentation is hard to find so I was hoping some helpful LQ'er could assist.

With the cisco client, I just needed my connection profile, my personal cert, and my corporate CA cert.
I have no idea how to make this work with vpnc/kvpnc. I can import the profile but I cannot see how to import the two cert's (pfx and .cer)
I am connecting to a Cisco 3060 VPN concentrator.

Can someone please help and/or point me in the right direction??
thanks.
 
Old 08-31-2005, 09:34 PM   #2
nilleso
Member
 
Registered: Nov 2004
Location: ON, CANADA
Distribution: ubuntu, RHAS, and other unmentionables
Posts: 372

Original Poster
Rep: Reputation: 31
?? anybody ??

+bump+

c'mon folks... someone must have something to offer. Is no one using vpnc to connect to a cisco concentrator via cert authentication?!?!
If not vpnc, I would be open to any other suggestions... [even getting vpnclient working with 2.6.12]
It's getting quite urgent.
TIA
 
Old 09-01-2005, 12:18 AM   #3
carl.waldbieser
Member
 
Registered: Jun 2005
Location: Pennsylvania
Distribution: Kubuntu
Posts: 197

Rep: Reputation: 32
Re: ?? anybody ??

Quote:
Originally posted by nilleso
+bump+

c'mon folks... someone must have something to offer. Is no one using vpnc to connect to a cisco concentrator via cert authentication?!?!
If not vpnc, I would be open to any other suggestions... [even getting vpnclient working with 2.6.12]
It's getting quite urgent.
TIA
I got vpnc to work for some sites. Others wouldn't work, and I am not sure why. The .pfx file should have all the info you need to set up your vpnc config file. Here is the example from the man pages:
Code:
              
IPSec gateway vpn.rwth-aachen.de
IPSec ID MoPS
IPSec secret mopsWLAN
Xauth username abcdef
Xauth password 123456
You just save a file somewhere with this format, but plug in all your info from the .pfx file (server address, Group name, group password, user name, user password). Then you issue
Code:
# vpnc theconfig.conf
The vpn should start up, and it should tell you the PID. You'll probably need to add a route at this point (to the tun0 device). To end the connection, just
Code:
# kill -HUP thepid
 
Old 09-01-2005, 08:30 AM   #4
nilleso
Member
 
Registered: Nov 2004
Location: ON, CANADA
Distribution: ubuntu, RHAS, and other unmentionables
Posts: 372

Original Poster
Rep: Reputation: 31
Unhappy thanks carl

Quote:
The .pfx file should have all the info you need to set up your vpnc config file. Here is the example from the man pages:
The .PCF file has the connection profile kind of info. BUT.. this is certificate based, so I cannot use the config you're suggesting. There is no group name/passwd, no username ....
with this kind of Cisco setup it authenticates you based on your unique personal certificate.

any site's like this?
 
Old 09-01-2005, 05:08 PM   #5
carl.waldbieser
Member
 
Registered: Jun 2005
Location: Pennsylvania
Distribution: Kubuntu
Posts: 197

Rep: Reputation: 32
Re: thanks carl

Quote:
Originally posted by nilleso
The .PCF file has the connection profile kind of info. BUT.. this is certificate based, so I cannot use the config you're suggesting. There is no group name/passwd, no username ....
with this kind of Cisco setup it authenticates you based on your unique personal certificate.

any site's like this?
Looks like this has not been implemented, yet: http://svn.unix-ag.uni-kl.de/vpnc/trunk/TODO (search the page for "certificate").
 
Old 09-02-2005, 08:56 AM   #6
nilleso
Member
 
Registered: Nov 2004
Location: ON, CANADA
Distribution: ubuntu, RHAS, and other unmentionables
Posts: 372

Original Poster
Rep: Reputation: 31
any other clients suggested for this type of connection?

..or can someone point me in the right direction to get cisco's vpnclient working with kernel 2.6.12-r8?
vpnclient 4.6.02-0030 and 4.6.02-0190 are both not working. cisco_ipsec module is fine... just hanging at 'initializing'
 
Old 09-22-2005, 09:34 PM   #7
nilleso
Member
 
Registered: Nov 2004
Location: ON, CANADA
Distribution: ubuntu, RHAS, and other unmentionables
Posts: 372

Original Poster
Rep: Reputation: 31

really? no one can help?
I didn't think this would be so terribly difficult for LQ'ers ... we need more Cisco VPN knowledge around here
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN Connection! skate Linux - Newbie 4 09-10-2006 01:34 PM
vpnc connection browser problems? ksgill Linux - Newbie 1 11-27-2005 07:03 PM
vpn connection bahramcho Linux - Networking 1 05-04-2005 07:58 AM
vpn connection bahramcho Linux - Networking 1 04-29-2005 11:42 AM
VPN connection bahramcho Linux - Networking 1 04-25-2005 06:12 AM


All times are GMT -5. The time now is 02:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration