How to: Cisco VPN using VPNC Ubuntu 9.04
This guide is for ubuntu users who want to connect to Cisco VPN. We will be using VPNC (it is in ubuntu 9.04 repo). This guide assumes you have profile file in .pcf format (we will use cisco.pcf as an example here).
Let’s begin and follow the steps exactly replacing your own pcf file:
Go to terminal:
* Create a directory:
Change to that directory:
* Download cisco-decrypt file which will be used to decrypt the group password from your pcf file:
Code:
wget http://www.debuntu.org/files/cisco-decrypt.c
Code:
sudo apt-get install libgcrypt11-dev
Code:
gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)
Code:
chmod +x cisco-decrypt
Code:
sudo cp cisco-decrypt /usr/bin
* Download pcf2vpnc to convert pcf files in vpnc configuration format
Code:
wget http://svn.unix-ag.uni-kl.de/vpnc/trunk/pcf2vpnc
Code:
sudo cp pcf2vpnc /usr/bin
* Go to windows vpn profiles directory and convert .pcf files to .conf files
Code:
pcf2vpnc cisco.pcf > cisco.conf
Note:replace above cisco.pcf with your own .pcf file.
Code:
sudo cp cisco.conf /etc/vpnc/
* install vpnc and connect to vpn
Code:
sudo apt-get install vpnc resolvconf
Enter username for <vpn> :
Enter password for <vpn>:
VPNC started in background (pid: 6092)...
* To disconnect simply do
Code:
sudo vpnc-disconnect
After your VPN has been established then connect to your remote desktop
Go to Applications >> Internet >> Terminal server client
Or
In terminal run Goodluck
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
This is a rip from another guide, but still useful here although it won't work because, just like the guide you C&Pasted from, I think that you have replicated an important error:
i) $ grep enc_GroupPwd *.pcf|sed -e 's/!enc_GroupPwd=//'
Please note the ticks are not back-ticks.
e.g 23EEEEA7E675AA2BA3333333387AEE5E17EEFB69C27E708933 33333353E8B6D621111117C2DA11E494025C3EDD4969CDBABB 97A222223C73FEAE168DDD45F70014A1234567890123456789 0
ii) Copy the result and use it as input for the cisco-decrypt command
e.g $ cisco-decrypt 23EEEEA7E675AA2BA3333333387AEE5E17EEFB69C27E708933 33333353E8B6D621111117C2DA11E494025C3EDD4969CDBABB 97A222223C73FEAE168DDD45F70014A1234567890123456789 0
iii) Take the result and place it into the vpnc profile e.g /etc/vpnc/default.conf, and add it to this varible, e.g
Code:
IPSec secret MySillyPasswordIsPOOH
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
My mistake. I just looked at the pcf2vpnc perl script and it actually searches for the cisco-decrpt command. Ignore my post :)
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
Quote:
Originally Posted by
zong1
This is a rip from another guide, but still useful here although it won't work because, just like the guide you C&Pasted from, I think that you have replicated an important error:
i) $ grep enc_GroupPwd *.pcf|sed -e 's/!enc_GroupPwd=//'
Please note the ticks are not back-ticks.
e.g 23EEEEA7E675AA2BA3333333387AEE5E17EEFB69C27E708933 33333353E8B6D621111117C2DA11E494025C3EDD4969CDBABB 97A222223C73FEAE168DDD45F70014A1234567890123456789 0
ii) Copy the result and use it as input for the cisco-decrypt command
e.g $ cisco-decrypt 23EEEEA7E675AA2BA3333333387AEE5E17EEFB69C27E708933 33333353E8B6D621111117C2DA11E494025C3EDD4969CDBABB 97A222223C73FEAE168DDD45F70014A1234567890123456789 0
iii) Take the result and place it into the vpnc profile e.g /etc/vpnc/default.conf, and add it to this varible, e.g
Code:
IPSec secret MySillyPasswordIsPOOH
No idea what you on about but the guide I posted works for me. It is not copy paste from any other guide, it is taken from plenty of other web resources and added as what works in easy steps.
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
thanks, 9.1 network manager failed to connect after importing the pcf file and i hoped this would work first time (dream on)
but i got this (i changed some details both here and in the cisco.conf before posting it!)
Enter password for xxuser@86.134.137.205:
vpnc: Error binding to source port. Try '--local-port 0'
Failed to bind to 0.0.0.0:500: Address already in use
if it helps my cisco.conf file ended up like this and has the correct decoded IPsec ...
## generated by pcf2vpnc
IPSec ID CountyRAS
IPSec gateway 86.134.137.205
IPSec secret KD8XCh9ivkakHCJTn3Ci
Xauth username xxfuser
IKE Authmode psk
so i added local-port 0 but it kept prompting for password and eventually i got Password for VPN xxfuser@86.134.137.205:
vpnc: no response from target
i know the user password is correct as i have windows virtualbox wich runs fine (i got an install from checkpoint.com) which took the pcf straight in
in my windows one i notice i had to quote a domain like xx.county.com and i wasn't prompted for this and its not in the pcf file
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
I’m able to connect properly but I can’t see anything on the network. It works fine in windows and I can ping the IP 172.21.90.102, but I can’t in Ubuntu 10.
Netstat for windows gives this:
Code:
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.103 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.21.90.102 255.255.255.255 192.168.150.177 192.168.150.177 1
192.168.2.0 255.255.255.0 192.168.2.103 192.168.2.103 20
192.168.2.15 255.255.255.255 192.168.2.103 192.168.2.103 1
192.168.2.103 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.103 192.168.2.103 20
192.168.150.177 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.150.255 255.255.255.255 192.168.150.177 192.168.150.177 20
207.195.60.25 255.255.255.255 192.168.2.1 192.168.2.103 1
224.0.0.0 240.0.0.0 192.168.2.103 192.168.2.103 20
224.0.0.0 240.0.0.0 192.168.150.177 192.168.150.177 20
255.255.255.255 255.255.255.255 192.168.2.103 192.168.2.103 1
255.255.255.255 255.255.255.255 192.168.150.177 192.168.150.177 1
Default Gateway: 192.168.2.1
===========================================================================
Ubuntu gives this:
Code:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
172.21.91.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
207.195.59.25 192.168.2.1 255.255.255.255 UGH 1500 0 0 eth0
192.168.150.177 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
172.21.90.3 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
172.21.90.102 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
Is there something I need to do to fix this? Can I just add a route or two after the connection is completed?
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
http://www.debuntu.org/files/cisco-decrypt.c <-- This file appears to be removed. I'm getting a 404.
Does anyone still have the script please? ^^
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
Yay, googled for cisco-decrypt.c and found it here:
http://www.unix-ag.uni-kl.de/~massar...isco-decrypt.c
Hope it's the same file :P Will go forward with the procedure now ^^
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
Hello All,
I've done this many times without fail and now I have a new system that I'm trying to setup Cisco vpnc on to no avail. Here are my findings.
I get this as an error:
Code:
decoding input: No such file or directory
after I run this:
Code:
pcf2vpnc cisco.pcf > cisco.conf
In the past, all I did was take the contents of my .pcf file and copied the contents of it to the cisco.pcf file. But, for some reason this time out, it's not working. The rest of the instructions are pretty much straight forward.
Also, are there any other files and directories I should know about and their contents? I am aware of the files files that reside in /etc/vpnc and /usr/bin. Are there anymore directories I should be aware of? Any help or insight would be greatly appreciated.
Best Regards,
freesparks
Re: How to: Cisco VPN using VPNC Ubuntu 9.04
Quote:
Originally Posted by
freesparks
Hello All,
I've done this many times without fail and now I have a new system that I'm trying to setup Cisco vpnc on to no avail. Here are my findings.
Are you using ubuntu 10.04? it should work as it is on 10.04 and 10.10 which i have tested on.