[YLUG] York VPN instructions v2 [was: Re: java.io.IOException]

mike cloaked mike.cloaked at gmail.com
Thu Jul 16 19:46:42 UTC 2009


I did not quite finish the last posting - in fact the connection to
unix0 does not connect but sits hanging as in the last screenshot.
This is due to the missing ncsvc file I think.

So that is the state of play at present.... the basic vpn is fine but
the terminal sessions don't work - the directory listing is fine for
the m:drive files... so the only function that fails is the terminal
session.

Mike

On Thu, Jul 16, 2009 at 8:38 PM, mike cloaked<mike.cloaked at gmail.com> wrote:
> Dear Arthur
>
> I have been testing juniper/ssl/vpn this evening as promised.
>
> My laptop was updated and included the new java openjdk
> java-1.6.0-openjdk.i586            1:1.6.0.0-22.b16.fc11         installed
>
> I made sure that xterm was installed also.
>
> I am attaching screenshots of the main sessions.
>
> Initially I used firefox (firefox-3.5-1.fc11.i586) to connect to
> webvpn.york.ac.uk as seen in the first screenshot
>
> On connecting to Network Connect by clicking on the start button, I
> had to respond to the initial acceptance of security cert and then
> found I had an SElinux denial.
> The selinux denial was remedied by changing the security context for
> the .juniper_networks directory and its contents by issuing the
> command (as root)
> chcon -vR -t textrel_shlib_t .juniper_networks
>
> This then allowed the Network Connect to work.  Once I had clicked the
> start button then the vpn appeared to connect and gave a status window
> at the top of the screen as in the image attached called
> juniper-network-connect.jpg
>
> That the vpn was working was tested looking at the route -n command giving:
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 144.32.65.50    10.0.0.135      255.255.255.255 UGH   1      0        0 eth1
> 10.0.0.135      0.0.0.0         255.255.255.255 UH    1      0        0 eth1
> 10.0.0.0        0.0.0.0         255.255.255.0   U     2      0        0 eth1
> 144.32.0.0      172.18.1.14     255.255.0.0     UG    1      0        0 tun0
> 0.0.0.0         10.0.0.135      0.0.0.0         UG    0      0        0 eth1
>
> Then I checked if the tunnel was working by doing
> ssh gestalt
> I was able to login via the vpn immediately.
>
> Next I wanted to look at the unix0 terminal session but in Fedora F11
> there is no ncui so the file in
> .juniper_networks/network_connect/ncsvc was empty.
> I pulled your ncui rpm and installed it using
> yum localinstall ncui-6.4-0.i386.rpm --nogpgcheck
>
> Once this was done I had also to make the symlink to
> .juniper_networks/network_connect/ncsvc from /usr/local/nc/ncsvc
>
> However I then found that the /usr/local/nc/ncsvc file was in fact
> empty!  Hence I was not expecting the unix0 link on the page to work
> and indeed when I tried it the
>
> On Wed, Jul 1, 2009 at 10:24 PM, Arthur Clune<arthur at clune.org> wrote:
>> I've updated the page. The method there works for me on CentOS.
>>
>> http://www.clune.org/juniper_linux.html
>>
>> There's some serious kludges going on that clearly need fixing, but it
>> does work fine. I'll pass on the docs and the problems to the guy that
>> supports the VPN when he's back from holiday.
>>
>>
>>
>>
>> --
>> Arthur Clune arthur at clune.org
>>
>> _______________________________________________
>> York mailing list
>> York at lists.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/york
>>
>
>
>
> --
> mike
>



-- 
mike



More information about the York mailing list