HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper
Hi all; I recently started a new job and I needs my remote access! My previous employer used Nortel Contivity and I used the Apani Contivity client; this was a bit of a pain since it's a proprietary kernel module, but it worked well (and it supported split tunneling, which is sweet!)
My new job uses Juniper's Network Connect VPN, which does not use a KLM (nice!) but does not support split tunneling (boo!) It has a very nice feature where it will try to download and install the software to your system the first time you run it... and it supports Linux! Yay! But, it only supports Red Hat (and other RPM-based distros, most likely) Boo! However, I was able to get it working with a bit of playing around
First, let me hand out props to this Flexion.org blog post by Martin... it got me going! However, it's specific to Ubuntu 5.10 and perhaps an earlier version of Network Connect and I needed to do a few different things.
Here's what I had to do; make sure openssl and the proper libstdc++ libraries are installed, as well as Sun's Java:
The installer wants to use su, not sudo. I just set my root password to something while I installed it, then reset it again later (find out how).
sudo aptitude install openssl libstdc++2.10-glibc2.2 sun-java5-bin sun-java5-jre
The installer also wants to run RPM to make sure you have openssl etc. installed. Since it doesn't actually use RPM for anything other than a check, I decided to just make a fake rpm that always succeeds. Do this:
Finally, the service application tries to dlopen() the openssl library (I'm assuming, since ldd doesn't show it) and it's looking for libssl.so.0, which does not exist on our system per se. So make it exist with a symlink:
sudo ln -s /bin/true /usr/bin/rpm
We're all set to install! Connect to your server and use the "Start" button next to "Network Connect" under Client Application Sessions. It will open a terminal and ask for a password for su: use the one you set above. It will then install and connect and all should be working well.
sudo ln -s libssl.so.0.9.8 /usr/lib/i686/cmov/libssl.so.0
At this point you can undo some of the customizations above: you won't need a root password anymore so you can undo that, and you can remove the rpm link:
I've only tried the most basic stuff but it seems to be working well for me!
sudo rm -f /usr/bin/rpm
"Please remain calm...I may be mad, but I am a professional." --Mad Scientist