Subject: | |
From: | |
Reply To: | |
Date: | Mon, 1 Jun 2009 02:23:40 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Hi Urs,
Thank you so much.
Yes, Fermilab is using a cisco vpn server and I was able to follow your
directions to use vpnc with minor tweaks (including the small
profile.vpnc -> profile.conf correction you sent out; Thanks).
I used vpnc 0.5.3-1.el5.rf from the dag repo.
I had to make sure cisco-decrypt was in my path so the pcf2vpnc command
would not bark. I had to chmod +x /etc/vpnc/vpnc-script (seems like an
rpm install issue).
Thanks again,
Ron
Urs Beyerle wrote:
> Hi Ron,
>
> Assuming that fermilab is using a cisco vpn server, you can use the
> cisco closed source client (only available from cisco) or you can use vpnc.
>
> I prefer vpnc, because it does not require a kernel module that has to
> be compiled after every kernel update.
>
> How to install and use vpnc:
>
> Download source code or rpm for el5 - just google for it. Or you can use
> my rpm from
> http://download.opensuse.org/repositories/home://beyerle://LiveCD/
>
> At the moment it's vpnc-0.5.1-12.1.
>
> Install vpnc as root
> # rpm -ihv
> http://download.opensuse.org/repositories/home:/beyerle:/LiveCD/RHEL_5/i386/vpnc-0.5.1-12.1.i386.rpm
>
> You need a cisco configuration file .pcf from fermilab. If you had once
> a cisco client from fermilab, you should still have it, search below
> /etc directory, for example
> # find /etc -name "*.pcf"
>
> Assuming your pcf file has the name profile.pcf, convert it to a vpnc
> configuration file with
> # pcf2vpnc profile.pcf > profile.vpnc
>
> Copy it into /etc/vpnc/
> # cp profile.conf /etc/vpnc/
>
> Start vpnc as root with
> # vpnc profile
>
> and enter username and password
>
> To stop vpnc run
> # vpnc-disconnect
>
>
> Hope this helps,
>
> Urs
>
>
>
> Ron Rechenmacher wrote:
>> Does anyone know a recipe for connecting to fermilab's CD vpn
>> from an SLF5 system with the recent SLF5 kernel?
>> I've been using vpnclient-linux software (which I originally got from
>> the lab) from which I build a kernel module against the recent
>> kernel.org kernels, but I am now wondering how I could connect if I
>> were to use the recent SLF5 kernel -- where there does not appear to
>> be a cisco_ipsec module available. But I am aware that there are
>> alternative vpn clients methods (ie vpnc or openvpn), but I do not
>> know how to use/configure them.
>> Thanks for any info.
>> --Ron
|
|
|