Page 1 of 55 1231151 ... LastLast
Results 1 to 10 of 541

Thread: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

  1. #1
    Join Date
    Jun 2006
    Location
    Lexington, MA
    Beans
    183
    Distro
    Ubuntu 12.04 Precise Pangolin

    HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    Hi all; I recently started a new job and I needs my remote access! My previous employer used Nortel Contivity and I used the Apani Contivity client; this was a bit of a pain since it's a proprietary kernel module, but it worked well (and it supported split tunneling, which is sweet!)

    My new job uses Juniper's Network Connect VPN, which does not use a KLM (nice!) but does not support split tunneling (boo!) It has a very nice feature where it will try to download and install the software to your system the first time you run it... and it supports Linux! Yay! But, it only supports Red Hat (and other RPM-based distros, most likely) Boo! However, I was able to get it working with a bit of playing around

    First, let me hand out props to this Flexion.org blog post by Martin... it got me going! However, it's specific to Ubuntu 5.10 and perhaps an earlier version of Network Connect and I needed to do a few different things.

    Here's what I had to do; make sure openssl and the proper libstdc++ libraries are installed, as well as Sun's Java:
    Code:
    sudo aptitude install openssl libstdc++2.10-glibc2.2 sun-java5-bin sun-java5-jre
    The installer wants to use su, not sudo. I just set my root password to something while I installed it, then reset it again later (find out how).

    The installer also wants to run RPM to make sure you have openssl etc. installed. Since it doesn't actually use RPM for anything other than a check, I decided to just make a fake rpm that always succeeds. Do this:
    Code:
    sudo ln -s /bin/true /usr/bin/rpm
    Finally, the service application tries to dlopen() the openssl library (I'm assuming, since ldd doesn't show it) and it's looking for libssl.so.0, which does not exist on our system per se. So make it exist with a symlink:
    Code:
    sudo ln -s libssl.so.0.9.8 /usr/lib/i686/cmov/libssl.so.0
    We're all set to install! Connect to your server and use the "Start" button next to "Network Connect" under Client Application Sessions. It will open a terminal and ask for a password for su: use the one you set above. It will then install and connect and all should be working well.

    At this point you can undo some of the customizations above: you won't need a root password anymore so you can undo that, and you can remove the rpm link:
    Code:
    sudo rm -f /usr/bin/rpm
    I've only tried the most basic stuff but it seems to be working well for me!
    "Please remain calm...I may be mad, but I am a professional." --Mad Scientist

  2. #2
    Join Date
    Jun 2006
    Beans
    19

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    I have done the same thing, except I didn't fake it out using your symlink method for rpm.

    Instead, I edited the $HOME/.juniper_networks/network_connect/xlaunchNC.sh. Towards the bottom is the code that looks for rpm.
    Code:
    rpm -q openssl 1>> $1/missing.info
    if [ "$?" -ne "0" ]
    then
        echo "RPM query for openssl failed." >> $1/missing.rpt
    fi
    I just commented these lines out. Then I ran
    Code:
    chattr +i xlaunchNC.sh
    ...on the file to prevent the logon script from overwriting this file on future logins to the vpn and reseting it back to default.

    Works great for me!
    Last edited by mcewanbr; August 20th, 2006 at 05:48 PM.

  3. #3
    Join Date
    Sep 2006
    Beans
    2

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    I also had to

    Code:
    sudo apt-get install lesstif2
    and

    Code:
    sudo ln -s /usr/lib/libXm.so.2 /usr/lib/libXm.so.3
    so that if found libXm.so.

    The dialog comes up, but it's filled with stuff like "label47". It's unreadable, but the VPN works great.

  4. #4
    Join Date
    Jun 2006
    Location
    Lexington, MA
    Beans
    183
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    I didn't need to install Motif or Lesstif. Weird!

    However, after updating to Edgy I had problems: it wanted to reinstall every time I tried to start my session. It turns out that whomever is creating the install and setup shell scripts for these packages is a horrible shell scripter. Really, I can't remember when I've seen worse. It's one thing to have crappy scripts for internal processes but to release them to customers? If you work for Juniper please find out who is responsible for this and beat them with a clue stick; they're embarrassing your company.

    Since in Edgy /bin/sh is really dash, not bash, and these scripts are in no way valid POSIX sh scripts, they break badly... but for no reason other than they're poorly written.

    I've attached new versions of these two scripts. Copy them into ~/.juniper_networks/network_connect. I made them immutable with chattr +i, as described elsewhere in this thread, although I'm not sure that's necessary.

    Hrmph. I can't attach anything. When I try to and click the upload button FireFox gives me a dialog saying I want to open newattachment.php and what application do I want to use? I tried "firefox" but that opened a blank window. So I guess if you need these, email me or send me a private message.
    Last edited by madscientist; November 10th, 2006 at 12:19 AM. Reason: Can't attach files.
    "Please remain calm...I may be mad, but I am a professional." --Mad Scientist

  5. #5
    Join Date
    Jun 2006
    Location
    Lexington, MA
    Beans
    183
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    Another hint: I was having my login session messed up every so often. After looking carefully I realized that my DHCP client kept rewriting my /etc/resolv.conf file every time my lease was re-acquired, so I was no longer using the VPN network's DNS servers. It was also rewriting the search string so searches for hostnames weren't being resolved correctly.

    The solution I used was to disable setting of the domain-name and domain-name-servers in my DHCP client; this means that if my DHCP server changed this I wouldn't automatically know about it which is a bummer, but that's very unlikely so it's the lesser of two evils.

    What you need to do is edit /etc/dhcp3/dhclient.conf, and remove the domain-name and domain-name-servers from the "request" attribute list. The docs are not very clear that this means that /etc/resolv.conf won't be updated, but in fact that seems to be the case. Note you need to restart the DHCP client; an easy way to do that is to run "sudo ifdown eth0" then "sudo ifup eth0" (or whatever your network interface is). I suppose you can also bring the interface down and back up through the GUI but I've had problems with that in the past.
    "Please remain calm...I may be mad, but I am a professional." --Mad Scientist

  6. #6
    Join Date
    Oct 2006
    Beans
    11

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    Question: I finally got the client to connect and work in my VMWare virtual machine of ubuntu, but as soon as it connected, the whole OS seemed to lock up.. and I think it may be because everything is getting routed through that adapter, and since I rely on NFS for my home dir and NIS for auth, that is probably killing it right?

    Anybody else have this problem? So my question is (and I suppose people might want this even if they weren't having this problem), how do I selectively route to this java adapter/client instead of it redirecting everything to that adapter?

    FG

  7. #7
    Join Date
    Jun 2006
    Beans
    Hidden!

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    madscientist, could you try to attach those files again ?? Also anyone get this to work with Feisty ??
    Last edited by tworkemon; December 19th, 2006 at 09:48 PM.

  8. #8
    Join Date
    Jul 2005
    Beans
    366

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    Hi madscientist, could you make Juniper "Network Connect" work with Edgy? If so can you update this howto? For the scripts, instead of attachments how about a simple copy/paste on a port here ?

    Thanks... hope you see this soon!

  9. #9
    Join Date
    Jan 2006
    Beans
    12

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    I was able to get this to work on Edgy following the first post. My only issue now is that I want tsclient to go through tun0 connection that Network Connect is using. Anyone know how to make that happen?

    I changed the order of my DNS and that resolved the issue.
    Last edited by wilem; January 9th, 2007 at 05:18 PM.

  10. #10
    Join Date
    Feb 2007
    Beans
    2

    Re: HOWTO set up Juniper Network Connect VPN on Ubuntu Dapper

    I get this error when trying to connect...



    This is pretty much the closest I got with google...

    http://www.juniperforum.com/index.php?topic=3014.0

    That didn't help much and now I'm kinda stuck here

Page 1 of 55 1231151 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •