[HOWTO] VPNC - Free client to cisco Virtual Private Network

granjerox · 2008-05-31 15:42:49

Hi all, I want to leave here on record what today after a long time I
have achieved. And it is to configure correctly vpnc to connect to my
university network.

As almost always happens, help info in the university site was for the
windows client. For linux is recommended to install the cisco client, but
there has been no way to make it run. The examples that I show are
from my configuration, depending on how your VPN server is configurated
your configuration files may differ a little thing to mine, although I think
that may case may be a bit extrem.

What do you need?

1º Your username and password.

2º The "configuration.pcf" connection profile. Mine is so:

[main]

Description=VPN Verbindung Uni Karlsruhe - alles getunnelt

Host=vpn.uni-karlsruhe.de

AuthType=5

GroupName=vpn

GroupPwd=

enc_GroupPwd=ABED22A5C87C97A1A46DCF3B7318FF31A3DCF07E1714F1F0A62DA51456D94BD62FCC576D465E24FD55463E2E5E673BA8

EnableISPConnect=0

ISPConnectType=0

ISPConnect=

ISPPhonebook=

ISPCommand=

Username=

SaveUserPassword=0

UserPassword=

enc_UserPassword=

NTDomain=

EnableBackup=0

BackupServer=

EnableMSLogon=1

MSLogonType=0

EnableNat=1

TunnelingMode=0

TcpTunnelingPort=10000

CertStore=1

CertName=

CertPath=

CertSubjectName=

CertSerialHash=00000000000000000000000000000000

SendCertChain=0

VerifyCertDN=CN*".rz.uni-karlsruhe.de"

PeerTimeout=90

EnableLocalLAN=1

3º Server Digital Certificate, "certificate.der"

Lets make it :

1º Install the needed packages

sudo pacman -S vpnc openssl

2º Put in a directory the profile.pcf and certificate.der

3º Convert the profile.pcf to vpnc format

pcf2vpnc profile.pcf default.conf

Obtaining the next default.conf

## generated by pcf2vpnc
IPSec ID vpn
IPSec gateway vpn.uni-karlsruhe.de
IPSec secret vpnvpn

IKE Authmode hybrid

## To add your username and password,
## use the following lines:
# Xauth username <your username>
# Xauth password <your password>

4º Convert your certificate from certificate.der to certificate.pem

openssl x509 –in certificate.der –inform DER –out certificate.pem –outform PEM

5º Modify the default.conf file to look like this

## generated by pcf2vpnc
IPSec ID vpn
IPSec gateway vpn.uni-karlsruhe.de
IPSec secret vpnvpn

IKE Authmode hybrid

## To add your username and password,
## use the following lines:
IKE DH Group dh2
Xauth username USER
Xauth password PASSWD
CA-File /etc/vpnc/certificate.pem

5º Copy the configuration files to /etc

sudo cp default.conf /etc/vpnc/
sudo cp certificate.pem /etc/vpnc/

6º Now you can run the client

sudo vpnc

The output should be like

VPNC started in background (pid: 8845)...

I hope it helps you!!

Last edited by granjerox (2008-05-31 15:45:08)

elephantos · 2008-06-14 07:26:14

thanks for this tutorial. my university also prefers cisco vpn client, and i've been putting off finding an adequate solution on linux.

e: it works!

Last edited by elephantos (2008-07-08 18:03:07)

Pierre · 2008-06-14 08:22:40

Just for reference: For those living in bon there are packages for Arch: http://users.archlinux.de/~pierre/packages/any/ :-)

dieper · 2016-05-12 01:36:57

Useful information! Thanks!

graysky · 2016-05-12 08:21:06

You probably want to put this on the wiki...forum posts get less coverage in general.

jasonwryan · 2016-05-12 08:25:02

Please don't necrobump: https://wiki.archlinux.org/index.php/Fo … bumping.22

Closing

Arch Linux

#1 2008-05-31 15:42:49

[HOWTO] VPNC - Free client to cisco Virtual Private Network

#2 2008-06-14 07:26:14

Re: [HOWTO] VPNC - Free client to cisco Virtual Private Network

#3 2008-06-14 08:22:40

Re: [HOWTO] VPNC - Free client to cisco Virtual Private Network

#4 2016-05-12 01:36:57

Re: [HOWTO] VPNC - Free client to cisco Virtual Private Network

#5 2016-05-12 08:21:06

Re: [HOWTO] VPNC - Free client to cisco Virtual Private Network

#6 2016-05-12 08:25:02

Re: [HOWTO] VPNC - Free client to cisco Virtual Private Network

Board footer