You are not logged in.
Hi All,
I just installed KVpnc and imported a cisco profile (.pcf file) so I can connect to my office network. This worked great and I'm able to connect successfully. The problem I have is I need to RDP into my work machine (running Windows XP) but this doesnt seem to be working.
I installed 'pacman -S rdesktop) and from the command line when using the following command it just sits there with 'Autoselected keyboard map en-us'
[root@arch ~]# rdesktop myxpcomputer.company.com
Autoselected keyboard map en-us
I tried pinging the machine but that doesnt return ANY lines. Any ideas?
thanks
Hardeep
Offline
Another thing to note, when i'm successfully connected to VPN over KVpnc I cant actually ping anything (ie. google.com). I seem to lose internet connectivity and cant browse any pages either, I remember that was a problem, when being connected to VPN losing direct internet connectivity, that's not a huge issue for me but after being connected to VPN I need to figure out what i'm doing wrong in getting an RDP session to my XP computer in the office network.
Thanks for the help in advance.
Offline
Another related question, for doing this (accessing an XP machine over VPN) do most people prefer rdesktop to vnc? I've just installed tightvnc and working through some information on how to use it but wanted to gauge opinion on what experienced users prefer.
Offline
Any ideas on this one? I just needed some direction on how others are connecting to Windows machines, given the VPN looks like it's working I just need to find out what i'm doing wrong with rdesktop
Offline
Is the rdp server set up correctly? Have you tried to connect from a windows machine?
man rdesktop gives you different options you could try, p.e. -4 to use an older protocol, or try specifying the window size with -g.
You could also try an other rdp client, p.e. remmina (with remmina-plugins).
EDIT:
After rereading your posts: Seems like your vpn doesn't work. Obviously you can't connect to the rdp server if you can't even ping it.
Last edited by ferda (2011-01-20 11:19:00)
Offline
Thanks ferda, yeah I seem to lose complete connectivity after the KVpnc client successfully connects to my work VPN.
success: [vpnc] Connection established.
I see that entry in the log for KVpnc but not sure why it doesnt let me access any machines, you're right that it's a VPN issue because if I take rdesktop out of the equation and try and access an internal website that also doesnt work - then again nothing does, not even google.
I may try another vpn client, do you know one that can import .pcf (cisco) profiles that works on Linux? The one with the default gnome install on Ubuntu, Fedora etc seems to do the trick, i'm running xfce4 so i'm not sure what my options are.
Offline
I use vpnc with a similar setup; it sounds to me like you're having issues with dns lookups and/or routing. I'd suggest trying to use vpnc instead, as I recall I tried KVpnc when I was first trying to get this setup and had a lot of problems. It comes with a utility pcf2vpnc that should be able to convert your cisco pcf to the needed format. This may be more than you want, but I also run dnsmasq when I'm connected via VPN; this handles directing all traffic for machines on .mycompany.com domains to the correct destination subnet so it goes over the interface. That is, when I am connected via VPN, I have:
[2011-01-20 07:56:08 alfheim:/home/patrick]
1005 ~ % route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
XXX.XXX.XXX.XXX * 255.255.255.255 UH 0 0 0 tun0
default 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
Where "XXX.XXX.XXX.XXX" is on my company's network (handled by the VPN interface, tun0). With these routes + dnsmasq, I am able to have my "non-work" (gmail, etc.) traffic go over eth0 (i.e. not over my work's network) and all my work go over tun0.
EDIT: looks like kvpnc uses vpnc under the hood, so using vpnc directly may not be the full solution. After you've established the vpn connection, what does route show? When you try to ping one of your work machines, does it resolve the address or simply say "unknown host"?
Last edited by nogoma (2011-01-20 13:01:41)
-nogoma
---
Code Happy, Code Ruby!
http://www.last.fm/user/nogoma/
Offline
Hi Nogoma,
Thanks for the information.
Yes vpnc seems to be a component of kvpnc, i installed it again just to make sure.
[root@arch ~]# pacman -S vpnc
warning: vpnc-0.5.3-3 is up to date -- reinstalling
resolving dependencies...
looking for inter-conflicts...
Targets (1): vpnc-0.5.3-3
Total Download Size: 0.00 MB
Total Installed Size: 0.23 MB
Proceed with installation? [Y/n] y
checking package integrity...
(1/1) checking for file conflicts [######################] 100%
(1/1) upgrading vpnc [######################] 100%
[root@arch ~]# ping google.com
The ping command when I'm connected actually doesnt do anything, the cursor jumps to the next line but nothing happens, no errors, no nothing.
Is there any documentation on the Arch Wiki's specifically for vpn through cisco? I cant find anything specific but i'm sure it must exist as this seems like a pretty common requirement. Unfortunately most offices I know still run Windows.
Offline
I don't believe there's a wikipage for it. I'll describe what I can remember from getting this set up originally here; if it turns out to be useful, perhaps I will wiki it up.
Run pcf2vpnc on your .pcf file; I saved the result to /etc/vpnc/mywork.conf
% pcf2vpnc mywork.pcf mywork.conf
At this point, you can test by:
% sudo /usr/sbin/vpnc /etc/vpnc/mywork.conf
Depending on how the VPN is configured, this should re-write your resolv.conf with the correct info for DNS lookups, and you should have a new interface (tun0 in the below):
[2011-01-20 13:41:35 alfheim:/etc/vpnc]
1083 vpnc % ifconfig
eth0 Link encap:Ethernet HWaddr 00:22:68:3E:92:76
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::222:68ff:fe3e:9276/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12896053 errors:0 dropped:0 overruns:0 frame:0
TX packets:9890866 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15647485067 (14922.6 Mb) TX bytes:5493157964 (5238.6 Mb)
Interrupt:40
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.136.4.244 P-t-P:10.136.4.244 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1412 Metric:1
RX packets:86082 errors:0 dropped:0 overruns:0 frame:0
TX packets:109796 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:32603385 (31.0 Mb) TX bytes:11404448 (10.8 Mb)
If you can verify that the new interface is created and that some meaningful change has been made to resolv.conf (it isn't pointing to your router or whatever it usually does for the nameserver), then check route to see if tun0 is setup as your default route.
That should be the basic steps to getting it setup; however, in this setup note that all your traffic will flow over the VPN. Once you can confirm whether the above works or not, I can describe my setup in more detail if you'd like to "separate" your traffic between the VPN (tun0) and your usual network (eth0 interface).
-nogoma
---
Code Happy, Code Ruby!
http://www.last.fm/user/nogoma/
Offline
Hi Nogoma,
That worked a treat, thanks very much. I can now vpn into my network and rdesktop works great too. I would definitely suggest this go into a wiki, i've made a note of it in my personal doc which i've been building for my Toshiba Tecra A10 laptop, all my major requirements have been satisfied so I think Arch will be on this laptop for a long time to come.
Thanks again.
Hardeep
Offline