[YLUG] York VPN instructions v2 [was: Re: java.io.IOException]
mike cloaked
mike.cloaked at gmail.com
Thu Jul 16 20:28:53 UTC 2009
Please note that my original had screenshots that were too large to be
accepted by YLUG - so was rejected - but the main gist of the posting
is in the text part copied in the email below.
Mike
On Thu, Jul 16, 2009 at 8:46 PM, mike cloaked<mike.cloaked at gmail.com> wrote:
> I did not quite finish the last posting - in fact the connection to
> unix0 does not connect but sits hanging as in the last screenshot.
> This is due to the missing ncsvc file I think.
>
> So that is the state of play at present.... the basic vpn is fine but
> the terminal sessions don't work - the directory listing is fine for
> the m:drive files... so the only function that fails is the terminal
> session.
>
> Mike
>
> On Thu, Jul 16, 2009 at 8:38 PM, mike cloaked<mike.cloaked at gmail.com> wrote:
>> Dear Arthur
>>
>> I have been testing juniper/ssl/vpn this evening as promised.
>>
>> My laptop was updated and included the new java openjdk
>> java-1.6.0-openjdk.i586 1:1.6.0.0-22.b16.fc11 installed
>>
>> I made sure that xterm was installed also.
>>
>> I am attaching screenshots of the main sessions.
>>
>> Initially I used firefox (firefox-3.5-1.fc11.i586) to connect to
>> webvpn.york.ac.uk as seen in the first screenshot
>>
>> On connecting to Network Connect by clicking on the start button, I
>> had to respond to the initial acceptance of security cert and then
>> found I had an SElinux denial.
>> The selinux denial was remedied by changing the security context for
>> the .juniper_networks directory and its contents by issuing the
>> command (as root)
>> chcon -vR -t textrel_shlib_t .juniper_networks
>>
>> This then allowed the Network Connect to work. Once I had clicked the
>> start button then the vpn appeared to connect and gave a status window
>> at the top of the screen as in the image attached called
>> juniper-network-connect.jpg
>>
>> That the vpn was working was tested looking at the route -n command giving:
>> Destination Gateway Genmask Flags Metric Ref Use Iface
>> 144.32.65.50 10.0.0.135 255.255.255.255 UGH 1 0 0 eth1
>> 10.0.0.135 0.0.0.0 255.255.255.255 UH 1 0 0 eth1
>> 10.0.0.0 0.0.0.0 255.255.255.0 U 2 0 0 eth1
>> 144.32.0.0 172.18.1.14 255.255.0.0 UG 1 0 0 tun0
>> 0.0.0.0 10.0.0.135 0.0.0.0 UG 0 0 0 eth1
>>
>> Then I checked if the tunnel was working by doing
>> ssh gestalt
>> I was able to login via the vpn immediately.
>>
>> Next I wanted to look at the unix0 terminal session but in Fedora F11
>> there is no ncui so the file in
>> .juniper_networks/network_connect/ncsvc was empty.
>> I pulled your ncui rpm and installed it using
>> yum localinstall ncui-6.4-0.i386.rpm --nogpgcheck
>>
>> Once this was done I had also to make the symlink to
>> .juniper_networks/network_connect/ncsvc from /usr/local/nc/ncsvc
>>
>> However I then found that the /usr/local/nc/ncsvc file was in fact
>> empty! Hence I was not expecting the unix0 link on the page to work
>> and indeed when I tried it the
>>
>> On Wed, Jul 1, 2009 at 10:24 PM, Arthur Clune<arthur at clune.org> wrote:
>>> I've updated the page. The method there works for me on CentOS.
>>>
>>> http://www.clune.org/juniper_linux.html
>>>
>>> There's some serious kludges going on that clearly need fixing, but it
>>> does work fine. I'll pass on the docs and the problems to the guy that
>>> supports the VPN when he's back from holiday.
>>>
>>>
>>>
>>>
>>> --
>>> Arthur Clune arthur at clune.org
>>>
>>> _______________________________________________
>>> York mailing list
>>> York at lists.lug.org.uk
>>> https://mailman.lug.org.uk/mailman/listinfo/york
>>>
>>
>>
>>
>> --
>> mike
>>
>
>
>
> --
> mike
>
--
mike
More information about the York
mailing list