Sunday, September 07, 2008

Ubuntu and Cisco VPN clients

I recently decided that I would abandon Windows completely and start using only Linux as a desktop environment for my work laptop. At home I already used Linux on a majority of the workstations and even my girlfriend is using Linux on here laptop. However, using a Linux workstation in a corporate environment can be somewhat hard if the rest of the company is still sticking with Windows.

So I have hade some problems to solve and one of them was the connection to the office and the datacenter. We use cisco PIX equiopment to give remote users access to the office so they all have a Cisco VPN client installed. I have checked the Cisco website and the amount of Linux tools they are offering was somewhat disapointing. I found a part of the solution written by Tyler on his longren.org weblog.

However, I did have some problems when I followed his setup steps when I tried to install it on Ubuntu hardy (Ubuntu 8.04.1). To check the version of Ubuntu enter the following command: lsb_release -a

The problem was that I got the following error during the making of the module:

Making module
make -C /lib/modules/2.6.24-16-generic/build SUBDIRS=/home/igfud/Desktop/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.24-16-generic'
CC [M] /home/igfud/Desktop/vpnclient/linuxcniapi.o
In file included from /home/igfud/Desktop/vpnclient/Cniapi.h:15,
from /home/igfud/Desktop/vpnclient/linuxcniapi.c:31:
/home/igfud/Desktop/vpnclient/GenDefs.h:113: error: conflicting types for ‘uintptr_t’
include/linux/types.h:40: error: previous declaration of ‘uintptr_t’ was here
make[2]: *** [/home/igfud/Desktop/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/home/igfud/Desktop/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.24-16-generic'
make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".

After some searching I found the solution. So if you experiencing the same problems you can try and follow the following steps:
  1. Download vpnclient-linux-x86_64-4.8.01.0640-k9.tar.gz from the tux-home.at website.
  2. Extract the downloaded archive with tar xzf
  3. Download the patch from the tux-home.at website, this is patch vpnclient-linux-2.6.24-final.diff
  4. go into the new directory created by extracting the client and apply the diff patch by executing the following command: patch <>
  5. Now start the installer by exectuting: sudo ./vpn_install
This is all it takes to install the VPN client. You might want to install you pcf profiles. This can be done by simply placing them into /etc/opt/cisco-vpnclient/profiles/

You can start a VPN session by executing the following command: sudo vpnclient connect myprofile (if your profile is named myprofile).

You have to make sure that the vpn client itself is started. you can find the start/stop script in /etc/init.d however to make things more easy for myself I have created a script for every connection I have. You might want to use the same approuche, the script is below so you can edit it to your own use:

#!/bin/bash
echo init the vpnclient
echo
/etc/init.d/vpnclient_init restart
echo
echo vpnlient process started
echo
vpnclient connect myprofile

Make sure you start the script with a sudo.
Post a Comment