Saturday, September 23, 2017
cisco vpn with vpnc
cisco vpn with vpnc
Q: you have a cisco vpn on work you want to connect to from ubuntu 10.10.
A:
You need to install:
If you have a
cisco vpn profile - *.pcf you can use it - import or convert.
If you decide to go with the gui - the plugin allows you to import the pcf directly - the Import button. Note, that the plugin is installed into NM ->Vpn connections and not as a separate app.
If the group password is encrypted, it will get decrypted when importing this way. So you can use it then in the manual config described below.
If you decide to go with CLI, you need to create the config manually or convert the pcf. See this guide.
If the decrypt part seems too complicated, use http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode to decrypt the group pass or import the pcf (if you have it) into the Network-manager gui.
Tips:
Q: how to open several connections at the same time.
A: vpnc-connect uses the same port for connections. It will be busy if you create a second connection. Use a random port by passing --local-port 0 option. (2 dashes)
Next, vpnc uses the same PID file. If you open 2 vpns and disconnect one, you wont be able to close the other via vpnc-disconnect.
Theres an --pid-file option you can use. I made the following alias:
#!/bin/bash
function dc {
PID="$(cat "$1" 2> /dev/null)"
echo -n "Terminating $i..."
sudo kill $PID
echo done
}
pidfiledir=/var/run/vpnc
if [ $# -gt 1 ]; then
echo "Usage: $0 [vpn_provider]" 1>&2
exit 1
fi
if [ -z $1 ]; then
for i in "$pidfiledir"/*.vpnpid ; do
dc "$i"
done
else
dc "$pidfiledir/$1.vpnpid"
fi
Now I connect by $cvpn
and disconnect by $dvpn or $dvpn
A:
You need to install:
- vpnc - cisco vpn implementation (must)
- resolvconf - package to easily manage changes in /etc/resolv.conf. I.e. manage your dns servers config, since vpn connections add its DNSes. (optional)
- network-manager-vpnc - gui plugin for NM. Note that now (ubuntu 10.10) NM supports only 1 vpn connection at a time (regardless of type, PPTP or VPNC etc), so you wont be able to have several vpns connected. (optional)
If you have a
cisco vpn profile - *.pcf you can use it - import or convert.If you decide to go with the gui - the plugin allows you to import the pcf directly - the Import button. Note, that the plugin is installed into NM ->Vpn connections and not as a separate app.
If the group password is encrypted, it will get decrypted when importing this way. So you can use it then in the manual config described below.
If you decide to go with CLI, you need to create the config manually or convert the pcf. See this guide.
If the decrypt part seems too complicated, use http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode to decrypt the group pass or import the pcf (if you have it) into the Network-manager gui.
Tips:
Q: how to open several connections at the same time.
A: vpnc-connect uses the same port for connections. It will be busy if you create a second connection. Use a random port by passing --local-port 0 option. (2 dashes)
Next, vpnc uses the same PID file. If you open 2 vpns and disconnect one, you wont be able to close the other via vpnc-disconnect.
Theres an --pid-file option you can use. I made the following alias:
cvpn() { sudo vpnc-connect --local-port 0 --pid-file /var/run/vpnc/$1.vpnpid $1 ; }and a custom disconnect script, since the original is not suitable for it:
#!/bin/bash
function dc {
PID="$(cat "$1" 2> /dev/null)"
echo -n "Terminating $i..."
sudo kill $PID
echo done
}
pidfiledir=/var/run/vpnc
if [ $# -gt 1 ]; then
echo "Usage: $0 [vpn_provider]" 1>&2
exit 1
fi
if [ -z $1 ]; then
for i in "$pidfiledir"/*.vpnpid ; do
dc "$i"
done
else
dc "$pidfiledir/$1.vpnpid"
fi
Now I connect by $cvpn
and disconnect by $dvpn or $dvpn
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment