I just moved back to OpenSUSE and I am having one problem at this point and that is getting the vpnclient to work. I am able to connect using vpnc but it doesn’t appear to disable local lan access as the cisco client does so I am limited on accessing my companies resources unless I know the IP address.
I have followed the steps required when I was using 10.3 but I am unable to get it to work on this version.
Has anyone gotten this to work on 11 and can you post a how-to? I’d appreciate it.
Has anyone gotten this to work on 2.6.25.5-1.1-pae? I assume there is a new .diff somewhere? I really need to get this working. Vpnc is less than ideal at this point.
I’m able to work around the name resolution issue but it is kind of annoying.
I use kvpnc to connect to my work. Highly customisable for a range of connections. Works great. Available from main repo’s in YaST (10.3) or direct from kvpnc homepage.
You can try editing /tmp/vpnclient/Makefile and replacing CFLAGS entry with EXTRA_CFLAGS to see if that gets you anywhere. With the version of vpnclient you are installing there should be little patching done and an easier install. Are you sure you have all the prereq’s installed?
Tried replacing CFLAGS with EXTRA_CFLAGS and here is the result:
Making module
make -C /lib/modules/2.6.25.5-1.1-default/build SUBDIRS=/home/sbell/vpnclient modules
make[1]: Entering directory /usr/src/linux-2.6.25.5-1.1-obj/x86_64/default' make -C /usr/src/linux-2.6.25.5-1.1 O=/usr/src/linux-2.6.25.5-1.1-obj/x86_64/default/. modules CC [M] /home/sbell/vpnclient/linuxcniapi.o /home/sbell/vpnclient/linuxcniapi.c: In function ‘CniInjectReceive’: /home/sbell/vpnclient/linuxcniapi.c:341: warning: cast from pointer to integer of different size /home/sbell/vpnclient/linuxcniapi.c:342: warning: cast from pointer to integer of different size /home/sbell/vpnclient/linuxcniapi.c: In function ‘CniInjectSend’: /home/sbell/vpnclient/linuxcniapi.c:481: warning: cast from pointer to integer of different size /home/sbell/vpnclient/linuxcniapi.c:482: warning: cast from pointer to integer of different size /home/sbell/vpnclient/linuxcniapi.c:491: warning: cast to pointer from integer of different size /home/sbell/vpnclient/linuxcniapi.c:491: warning: cast from pointer to integer of different size CC [M] /home/sbell/vpnclient/frag.o /home/sbell/vpnclient/frag.c: In function ‘queue_fragment’: /home/sbell/vpnclient/frag.c:50: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:50: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:50: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:50: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:52: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:52: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:52: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:52: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:70: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:70: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:70: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:70: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:73: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:73: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:73: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:73: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c: In function ‘have_all_fragments’: /home/sbell/vpnclient/frag.c:126: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:126: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:126: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:126: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:134: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:134: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:134: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:134: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:141: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:141: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:141: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:141: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:142: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:146: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:146: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:146: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c:146: warning: cast to pointer from integer of different size /home/sbell/vpnclient/frag.c: In function ‘need_reorder_frag’: /home/sbell/vpnclient/frag.c:198: warning: cast to pointer from integer of different size CC [M] /home/sbell/vpnclient/IPSecDrvOS_linux.o CC [M] /home/sbell/vpnclient/interceptor.o /home/sbell/vpnclient/interceptor.c: In function ‘recv_ip_packet_handler’: /home/sbell/vpnclient/interceptor.c:655: warning: assignment makes integer from pointer without a cast /home/sbell/vpnclient/interceptor.c:676: warning: passing argument 2 of ‘CniNewFragment’ makes pointer from integer without a cast /home/sbell/vpnclient/interceptor.c: In function ‘do_cni_send’: /home/sbell/vpnclient/interceptor.c:794: error: invalid operands to binary - (have ‘sk_buff_data_t’ and ‘unsigned char*’) make[4]: *** [/home/sbell/vpnclient/interceptor.o] Error 1 make[3]: *** [_module_/home/sbell/vpnclient] Error 2 make[2]: *** [sub-make] Error 2 make[1]: *** [all] Error 2 make[1]: Leaving directory /usr/src/linux-2.6.25.5-1.1-obj/x86_64/default’
make: *** [default] Error 2
Failed to make module “cisco_ipsec.ko”.
I am having the same VPN compile issues, i got around the extra_cflags thing by setting KBUILD_NOPEDANTIC. I will try this in conjunction with the diff and build above tonight, see if it works.
cyberslug wrote:
> I am having the same VPN compile issues, i got around the extra_cflags
> thing by setting KBUILD_NOPEDANTIC. I will try this in conjunction with
> the diff and build above tonight, see if it works.
>
>
This may not work for all of you… but I use vpnc instead of
the Cisco client (because Cisco really has NO interest in
making their client work right). It all depends of course
upon your config, but if you can use vpnc, you’ll find that
it’s a whole lot more stable then Cisco’s less-than-supported
VPN client.
i got the same probleme . i have installed the kernel-source package and sure gcc-g++ gcc make .
have downlaoded the last patch-diff
patch < …/vpnclient-linux-2.6.24-final.diff
patching file GenDefs.h
…
…
then
./vpn_install
Cisco Systems VPN Client Version 4.8.01 (0640) Linux Installer
Copyright 1998-2006 Cisco Systems, Inc. All Rights Reserved.
Is the above correct y ]
Shutting down /opt/cisco-vpnclient/bin/vpnclient: Done
Stopped : /etc/init.d/vpnclient_init (VPN init script)
Making module
make -C /lib/modules/2.6.25.5-1.1-default/build SUBDIRS=/home/mohamed/Documents/
vpnclient modules
make[1] : Entering directory /usr/src/linux-2.6.25.5-1.1-obj/i386/default' make -C /usr/src/linux-2.6.25.5-1.1 O=/usr/src/linux-2.6.25.5-1.1-obj/i386/defau lt/. modules Building modules, stage 2. MODPOST 1 modules WARNING : could not find /home/mohamed/Documents/vpnclient/.libdriver.so.cmd for /home/mohamed/Documents/vpnclient/libdriver.so make 1 ] : Leaving directory /usr/src/linux-2.6.25.5-1.1-obj/i386/default’
Copying module to directory “/lib/modules/2.6.25.5-1.1-default/CiscoVPN”.
Already have group ‘bin’
Creating start/stop script “/etc/init.d/vpnclient_init”.
/etc/init.d/vpnclient_init
insserv: warning : script ‘S01vpnclient_init’ missing LSB tags and overrides
insserv: warning : script ‘vpnclient_init’ missing LSB tags and overrides
vpnclient_init 0 : off 1 : off 2 : off 3 : off 4 : off 5 : off 6 : off
Enabling start/stop script for run level 3,4 and 5.
insserv: warning: script ‘vpnclient_init’ missing LSB tags and overrides
vpnclient_init 0:off 1: off 2: off 3: on 4: off 5: on 6: off
Installing license.txt (VPN Client license) in “/opt/cisco-vpnclient/”:
/opt/cisco-vpnclient/license.txt
Installing bundled user profiles in “/etc/opt/cisco-vpnclient/Profiles/”:
Replaced Profiles: sample
Copying binaries to directory “/opt/cisco-vpnclient/bin”.
Adding symlinks to “/usr/local/bin”.
/opt/cisco-vpnclient/bin/vpnclient
/opt/cisco-vpnclient/bin/cisco_cert_mgr
/opt/cisco-vpnclient/bin/ipseclog
Copying setuid binaries to directory “/opt/cisco-vpnclient/bin”.
/opt/cisco-vpnclient/bin/cvpnd
Copying libraries to directory “/opt/cisco-vpnclient/lib”.
/opt/cisco-vpnclient/lib/libvpnapi.so
Copying header files to directory “/opt/cisco-vpnclient/include”.
/opt/cisco-vpnclient/include/vpnapi.h
Setting permissions.
/opt/cisco-vpnclient/bin/cvpnd (setuid root)
/opt/cisco-vpnclient (group bin readable)
/etc/opt/cisco-vpnclient (permissions not changed)
You may wish to change these permissions to restrict access to root.
You must run “/etc/init.d/vpnclient_init start” before using the client.
This script will be run AUTOMATICALLY every time you reboot your computer.
vpnclient connect vpn
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.25.5-1.1-default #1 SMP 2008-06-07 01:55:22 +0200 i686
Config file directory: /etc/opt/cisco-vpnclient
I have Cisco Systems VPN Client Version 4.8.01 (0640) - module compiled after patching vpnclient-linux-2.6.24-final.diff
kernel: 2.6.25.5-1.1-pae
I’ve a problem with connection. Client negotiate a connection, take a IP adress from server
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.25.5-1.1-pae #1 SMP 2008-06-07 01:55:22 +0200 i686
Config file directory: /etc/opt/cisco-vpnclient
Enter a group password:
Initializing the VPN connection.
Contacting the gateway at 85.#.#.#
User Authentication for test2...
The server has requested the following information to complete the user authentication:
Username [pooh]:
Password ]:
Authenticating user.
Negotiating security policies.
Securing communication channel.
Your VPN connection is secure.
VPN tunnel information.
Client address: 172.#.#.#
Server address: 85.#.#.#
Encryption: 168-bit 3-DES
Authentication: HMAC-SHA
IP Compression: None
NAT passthrough is inactive
Local LAN Access is disabled
…everything looks great but any communication with any host is possible. I try ping host on server side but nothing back
Any idea whats wrong ?
Unfortunately in my case it is not working. Maybe you can have an Idea what else I should check to solve that problem.
Installation:
I try to connect:
--------------------
vpnclient connect UK
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.27.7-9-default #1 SMP 2008-12-04 18:10:04 +0100 x86_64
Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection.
Contacting the gateway at 193.32.3.51
Contacting the gateway at 193.32.3.53 (balancing)
User Authentication for UK...
Enter Username and Password.
Username [name]:
Password ]:
Authenticating user.
Negotiating security policies.
Securing communication channel.
Your VPN connection is secure.
VPN tunnel information.
Client address: 141.144.136.60
Server address: 193.32.3.53
Encryption: 168-bit 3-DES
Authentication: HMAC-SHA
IP Compression: None
NAT passthrough is inactive
Local LAN Access is disabled
… but I do not get an connection
vpnclient stat
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.27.7-9-default #1 SMP 2008-12-04 18:10:04 +0100 x86_64
Config file directory: /etc/opt/cisco-vpnclient
VPN tunnel information.
Connection Entry: UK
Client address: 141.144.136.60
Server address: 193.32.3.53
Encryption: 168-bit 3-DES
Authentication: HMAC-SHA
IP Compression: None
NAT passthrough is inactive
Local LAN Access is disabled
VPN traffic summary.
Time connected: 0 day(s), 00:00.14
Bytes in: 0
Bytes out: 0
Packets encrypted: 0
Packets decrypted: 0
Packets bypassed: 24
Packets discarded: 0
Configured routes.
Secured Network Destination Netmask
0.0.0.0 0.0.0.0
Although, I’m on 11.1, I would think it would be the same for 11.
I installed everything “kvpnc” in Yast.
The only way I can open the kvpnc program is to do it from Gnome Terminal as su/supwd then kvpnc. This will open the gui cisco client where I entered my .pcf file and setup the connection there.
On Sun, 2009-06-28 at 21:16 +0000, back to suse wrote:
…
> I’m just hoping now that when I eventually get my 11.1 64 bit
> networking problems over, vpnc/kvpnc will still work
It’ll work… I use it everywhere (32bit and 64bit)
I just use vpnc though.