« Return to Thread: openconnect (Open Source/Free version of Cisco's AnyConnect VPN client)
Re: openconnect (Open Source/Free version of Cisco's AnyConnect VPN client)
by Kambiz Aghaiepour-2
::
Rate this Message:
Also, take a look at openvpn.net. They have client and server software
for all platforms (and it's an SSL based VPN) - extremely easy to setup.
Of course, if you're using the cisco SSL-VPN solution already, you
should be able to install the native client for Linux from your
endpoint. Did the downloaded "vpnsetup.sh" link that you get from your
endpoint not install properly on a Fedora box?
I just tried the native (cisco supplied) client on F12, and it was as
easy as point and click. Run the vpnsetup.sh script as root, and the
software is installed under: /opt/cisco/vpn/
and a standard init script is installed to run :
vpnagentd_init 0:off 1:off 2:off 3:on 4:on 5:on 6:off
The sole dependency is tun/tap driver support.
Then, from the Applications -> Internet menu, you can select the Cisco
AnyConnect VPN client
This is a native app and doesn't require a browser to be running or open.
openconnect sounds cool though (and you're not running crappy
proprietary software).
Kambiz
Brian Johnson wrote:
> All,
>
> First off, I write this not as an employee of OIT, but as a member of the
> Free/Open Source Software/GNU Linux community. OIT does not endorse,
> suggest, support or even acknowledge the following. It's just *really* cool.
>
> Secondly, despite all of my primary computers being Linux, I admit I don't
> know what the state of VPN on Linux is nowadays. This may be too little, too
> late.
>
> I do know, however, that getting a working VPN solution on Linux has
> been...contentious, to say the least, in the past. As you all hopefully
> know, we've been trying to migrate from the legacy VPN concentrator solution
> to an SSL-VPN solution. The first attempt was vpn.duke.edu. The latest, and
> hopefully permanent attempt, is portal.duke.edu. Both solutions require you
> go to a URL with a java-enabled browser (but not Free/Open Java, such as
> IcedTea, but Sun Java), download the AnyConnect client, and pray to the Java
> gods that it all magically works.
>
> For whatever reason, this process has never worked on my Fedora machines
> (now up to 12). While there is an investigation going on, I did some digging
> and discovered that there is, in fact, a Free/Open VPN client alternative
> that works with Cisco's AnyConnect SSL-VPN.
>
> That is openconnect.
>
> For Fedora folks, you can do a 'yum install openconnect
> NetworkworkManager-openconnect' which will install the main openconnect
> package, plus allows you to set up your VPN through Network Manager through
> NetworkManager-openconnect.
>
> For most infer...er, other distros, there should be an apt-get equivalent ;)
>
> Once you have it installed, you can test the main package by running (as
> root or through sudo) 'openconnect portal.duke.edu'. You'll be prompted for
> the profile you want to use, most people should just put '-Default-' (yes,
> you need the dashes before and after). You'll then be prompted for your
> Username: (your netid) and Password: (your netid password) and you should be
> connected.
>
> If you've installed the NetworkManager piece as well, you can go in and set
> up a new VPN connection (select openconnect versus openvpn (I think it is,
> ironically, I'm not at a Linux machine at the moment to test). If I recall
> correctly, the only piece you need is the server you're connecting to (
> portal.duke.edu) plus your netid and netid password.
>
> Anyway, thought I'd share this. Happy tinkering and feel free to share your
> thoughts/feedback.
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Dulug mailing list
> Dulug@...
> https://lists.dulug.duke.edu/mailman/listinfo/dulug
_______________________________________________
Dulug mailing list
Dulug@...
https://lists.dulug.duke.edu/mailman/listinfo/dulug
for all platforms (and it's an SSL based VPN) - extremely easy to setup.
Of course, if you're using the cisco SSL-VPN solution already, you
should be able to install the native client for Linux from your
endpoint. Did the downloaded "vpnsetup.sh" link that you get from your
endpoint not install properly on a Fedora box?
I just tried the native (cisco supplied) client on F12, and it was as
easy as point and click. Run the vpnsetup.sh script as root, and the
software is installed under: /opt/cisco/vpn/
and a standard init script is installed to run :
vpnagentd_init 0:off 1:off 2:off 3:on 4:on 5:on 6:off
The sole dependency is tun/tap driver support.
Then, from the Applications -> Internet menu, you can select the Cisco
AnyConnect VPN client
This is a native app and doesn't require a browser to be running or open.
openconnect sounds cool though (and you're not running crappy
proprietary software).
Kambiz
Brian Johnson wrote:
> All,
>
> First off, I write this not as an employee of OIT, but as a member of the
> Free/Open Source Software/GNU Linux community. OIT does not endorse,
> suggest, support or even acknowledge the following. It's just *really* cool.
>
> Secondly, despite all of my primary computers being Linux, I admit I don't
> know what the state of VPN on Linux is nowadays. This may be too little, too
> late.
>
> I do know, however, that getting a working VPN solution on Linux has
> been...contentious, to say the least, in the past. As you all hopefully
> know, we've been trying to migrate from the legacy VPN concentrator solution
> to an SSL-VPN solution. The first attempt was vpn.duke.edu. The latest, and
> hopefully permanent attempt, is portal.duke.edu. Both solutions require you
> go to a URL with a java-enabled browser (but not Free/Open Java, such as
> IcedTea, but Sun Java), download the AnyConnect client, and pray to the Java
> gods that it all magically works.
>
> For whatever reason, this process has never worked on my Fedora machines
> (now up to 12). While there is an investigation going on, I did some digging
> and discovered that there is, in fact, a Free/Open VPN client alternative
> that works with Cisco's AnyConnect SSL-VPN.
>
> That is openconnect.
>
> For Fedora folks, you can do a 'yum install openconnect
> NetworkworkManager-openconnect' which will install the main openconnect
> package, plus allows you to set up your VPN through Network Manager through
> NetworkManager-openconnect.
>
> For most infer...er, other distros, there should be an apt-get equivalent ;)
>
> Once you have it installed, you can test the main package by running (as
> root or through sudo) 'openconnect portal.duke.edu'. You'll be prompted for
> the profile you want to use, most people should just put '-Default-' (yes,
> you need the dashes before and after). You'll then be prompted for your
> Username: (your netid) and Password: (your netid password) and you should be
> connected.
>
> If you've installed the NetworkManager piece as well, you can go in and set
> up a new VPN connection (select openconnect versus openvpn (I think it is,
> ironically, I'm not at a Linux machine at the moment to test). If I recall
> correctly, the only piece you need is the server you're connecting to (
> portal.duke.edu) plus your netid and netid password.
>
> Anyway, thought I'd share this. Happy tinkering and feel free to share your
> thoughts/feedback.
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Dulug mailing list
> Dulug@...
> https://lists.dulug.duke.edu/mailman/listinfo/dulug
_______________________________________________
Dulug mailing list
Dulug@...
https://lists.dulug.duke.edu/mailman/listinfo/dulug
« Return to Thread: openconnect (Open Source/Free version of Cisco's AnyConnect VPN client)
| Free embeddable forum powered by Nabble | Forum Help |
