VPN appears to connect, but doesn't

[bjoarn]

I can see that this is an old thread, but since it has not been resolved I will post my problem here as well. I believe this is the same issue.

First some details:
PC Dell Latitude 830 w. Intel Centrino Processor
Ubuntu 10.10
VPN Client vpnc version 0.5.3
Connecting via wireless or wired

My problem is as follows:

I am trying to connect to my work VPN server, the VPN appears to connect but I can not reach any of the internal network services the VPN should give me access to. I can reach other services, e.g. web and email, but they are responding much slower than when not connected to the "faulty" VPN.

My colleague can connect using cisco VPN on a Windows 7 machine with no problems. We've tried the exact same profile on both machines (.pcf import) but nothing works on my Ubuntu Laptop.

I've tried the suggestions on this thread with no success.

I don't suppose anyone has found a solution to this problem in the past 8 months?
Does anyone know where to find logs for the VPN client?
Is /var/log/syslog the best choice here?

Thanks

[zzantozz]

I can see that this is an old thread, but since it has not been resolved I will post my problem here as well. I believe this is the same issue.

[....]

Have you tried connecting with vpnc at the command line? My Network Manager VPN profiles still don't work (since my July 2010 post in this thread), but I can connect from the command line just fine with "sudo vpnc <target>". I'm still waiting and hoping that NetworkManager will start working with some update. Maybe in 11.04...

[bjoarn]

Thanks zzantozz, the command line works I sure hope that they will fix this issue in a near-future release though.

I did notice that the Network Manager VPN seems to work from some sites (e.g. from my wlan at home) but not from others (the wlan at work). I am not sure what the difference is but the command line works in both locations so this is no longer a show stopper for me.

I will paste in the vpnc parameters that worked for me, in case it helps someone else until this issue gets fixed.

Code:

sudo vpnc --gateway  <gateway ip address> --id <group name> --username <user name> --domain <domain name>

The command line prompts for a secret, where I typed in the Group Password, and then for the password for my user.

Thanks again.

[zzantozz]

Note that you can also create a vpnc config file so that you don't have to keep all that on the command line. See "man vpnc" for details, but briefly, create a file named <whatever>.conf in /etc/vpnc. The vpnc man page has the corresponding conf file setting for each command line arg. For instance, I have a file /etc/vpnc/sat1.conf, which looks like:

Code:

$ cat /etc/vpnc/sat1.conf 
IPSec gateway <the vpn gateway>
IPSec ID <group id>
IPSec secret <group password>
Xauth username <user id>
IKE Authmode psk
# Xauth password <user password>

With this file, I can then just run "sudo vpnc sat1", and it uses those settings. My user password is based on a rotating RSA token, so I've commented that out, and it asks for my password each time.

As an alternative to manually writing the file, there's a Perl script out there called "pcf2vpnc" that will convert a Cisco pcf config file to a vpnc one. There's also some C code called "cisco-decrypt.c" that will decrypt encrypted passwords from said pcf files if you need those. Just google around a bit to find them as well as instructions for using them.

[bjoarn]

Brilliant, thanks again zzantozz