Fedora Linux Support Community & Resources Center
  #31  
Old 3rd November 2006, 03:23 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
Quote:
Originally Posted by landoncz
I currently use the vpnc + network manager to connect to 5 different CISCO VPNs
Thank you for the information, and I'll take a look at vpnc again.

As noted in my post, the specific issue with vpnc with my company's Cisco VPN server is the usage of a encrypted group password. Do you know offhand if vpnc currently offers that feature?
Reply With Quote
  #32  
Old 3rd November 2006, 03:32 PM
landoncz Offline
Registered User
 
Join Date: Dec 2005
Location: Florida, USA
Age: 38
Posts: 338
No, yeah I saw that little keyword in your post . I don't know off-hand if they are encrypted or not, but since it only takes 5 mins to install, if you do decide to install it, let us know, I would be interested to know...
Attached Thumbnails
Click image for larger version

Name:	Screenshot.png
Views:	678
Size:	56.3 KB
ID:	10151  
__________________
Fedora Core 6 on Asus Z63A 14" Laptop
2.0 Ghz Pentium M
1 Gig RAM
100 Gig 7200 RPM

Code:
# rm -rf /dev/brain
Reply With Quote
  #33  
Old 3rd November 2006, 04:06 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
Regarding usage of vpnc, I found that the password encryption scheme used by Cisco VPN is easily decrypted, so my previous issue with an encrypted group password is resolved.

I was able handshake and authenticate with my companies VPN server, but finalizing the connection did not work.

Quote:
Originally Posted by vpnc
Possible reasons are:
* concentrator configured to require a firewall
this locks out even Cisco clients on any platform expect windows
which is an obvious security improvment. There is no workaround (yet).
* concentrator configured to require IP compression
this is not yet supported by vpnc.
Note: the Cisco Concentrator Documentation recommends against using
compression, expect on low-bandwith (read: ISDN) links, because it
uses much CPU-resources on the concentrator
The first reason is NOT the case, since previous kernels and vpn clients were function under the given circumstances.

The second ......... well .......... that could be an issue and, per the reason, unfixable.

Looks like my attention is returned to fixing Cisco's client on recent kernels.
Reply With Quote
  #34  
Old 7th November 2006, 10:28 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
Smile *** Solved ***

A good friend of mine discovered the solution to this problem. Thanks Todd.

Apparently many people are having issues building all sorts of things with out-of-the-box FC6. Because the initial installation resulted in the i586 kernel and the i686 devel package.

If you're experiencing this issue, run the following and note the architecture value:
Code:
rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' kernel{,-devel}
After acquiring the correct devel package and building the client, starting the service succeeded.

Thanks all for helping.

stohn

Last edited by stohn; 7th November 2006 at 10:29 PM. Reason: Correct code tags
Reply With Quote
  #35  
Old 7th November 2006, 10:53 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
See the following for a little information on the FC6 bug.

http://fedoraproject.org/wiki/Bugs/FC6Common
Reply With Quote
  #36  
Old 15th November 2006, 02:39 PM
pabloguevara Offline
Registered User
 
Join Date: Apr 2005
Location: Buenos Aires
Posts: 98
stohn, did you get this running on fc6? Could you please provide a little more help?

[root@localhost ~]# uname -a
Linux localhost 2.6.18-1.2849.fc6 #1 SMP Fri Nov 10 12:36:14 EST 2006 i686 i686 i386 GNU/Linux

I get this error when trying to run Cisco VPN Client:

Making module
make -C /lib/modules/2.6.18-1.2849.fc6/ SUBDIRS=/root/Desktop/Linux/vpnclient modules
make[1]: Entering directory `/lib/modules/2.6.18-1.2849.fc6'
make[1]: *** No rule to make target `modules'. Stop.
make[1]: Leaving directory `/lib/modules/2.6.18-1.2849.fc6'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
Already have group 'bin'


And then...

[root@localhost vpnclient]# /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: insmod: error inserting '/lib/modules/2.6.18-1.2849.fc6/CiscoVPN/cisco_ipsec.ko': -1 Invalid module format
Failed (insmod)
Reply With Quote
  #37  
Old 15th November 2006, 03:11 PM
mwette Offline
Registered User
 
Join Date: Nov 2005
Location: Los Angeles area
Posts: 887
Quote:
Originally Posted by pabloguevara
stohn, did you get this running on fc6? Could you please provide a little more help?

[root@localhost ~]# uname -a
Linux localhost 2.6.18-1.2849.fc6 #1 SMP Fri Nov 10 12:36:14 EST 2006 i686 i686 i386 GNU/Linux

I get this error when trying to run Cisco VPN Client:

Making module
make -C /lib/modules/2.6.18-1.2849.fc6/ SUBDIRS=/root/Desktop/Linux/vpnclient modules
make[1]: Entering directory `/lib/modules/2.6.18-1.2849.fc6'
make[1]: *** No rule to make target `modules'. Stop.
make[1]: Leaving directory `/lib/modules/2.6.18-1.2849.fc6'
make: *** [default] Error 2
It looks like you don't have the files to build modules.
Try "yum install kernel-headers kernel-build" (as root).
Reply With Quote
  #38  
Old 15th November 2006, 03:30 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
Quote:
Originally Posted by pabloguevara
did you get this running on fc6? Could you please provide a little more help?
Yes. See post #34 in this topic.
Reply With Quote
  #39  
Old 16th November 2006, 06:57 PM
pabloguevara Offline
Registered User
 
Join Date: Apr 2005
Location: Buenos Aires
Posts: 98
It did not install anything...I suppose I'm missing something...

Code:
[root@localhost ~]# uname -a
Linux localhost 2.6.18-1.2849.fc6 #1 SMP Fri Nov 10 12:36:14 EST 2006 i686 i686 i386 GNU/Linux
[root@localhost ~]# 
[root@localhost ~]# yum install kernel-headers kernel-2.6.18-1.2849.fc6
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
core                      100% |=========================| 1.1 kB    00:00     
extras                    100% |=========================| 1.1 kB    00:00     
updates                   100% |=========================| 1.2 kB    00:00     
Reading repository metadata in from local files
Parsing package install arguments
Nothing to do

Last edited by pabloguevara; 16th November 2006 at 06:59 PM.
Reply With Quote
  #40  
Old 16th November 2006, 08:25 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
The rpm command touted in post #34 only identifies whether you have mismatched kernel and kernel-devel packages.

Note the link to instructions for fixing the mismatch in post #35, although there's many ways to fix the mismatch. Simply rerunning apt-get or yum -- as you discovered -- does nothing because the two packages are at their most-recent versions, despite not matching one another.

Once the two kernel packages match, then the Cisco vpnclient should compile into a usable module.
Reply With Quote
  #41  
Old 17th November 2006, 06:31 AM
pabloguevara Offline
Registered User
 
Join Date: Apr 2005
Location: Buenos Aires
Posts: 98
I fixed the issue describerd on post #35...
Code:
[root@localhost vpnclient]# rpm -q --queryformat "%{name}-%{version}-%{release}.%{arch}\n" kernel
kernel-2.6.18-1.2849.fc6.i686
However, the vpn is still not loading....same error as before...
Code:
[root@localhost vpnclient]# ./vpn_install
Cisco Systems VPN Client Version 4.8.00 (0490) Linux Installer
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.

By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms. 


Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.

For RedHat 6.x users these files are installed in /usr/src/linux by default
For RedHat 7.x users these files are installed in /usr/src/linux-2.4 by default
For Suse 7.3 users these files are installed in /usr/src/linux-2.4.10.SuSE by default

Directory containing linux kernel source code []/lib/modules/2.6.18-1.2849.fc6/

* Binaries will be installed in "/usr/local/bin".
* Modules will be installed in "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from "/lib/modules/2.6.18-1.2849.fc6/" will be used to build the module.

Is the above correct [y]

Making module
make -C /lib/modules/2.6.18-1.2849.fc6/ SUBDIRS=/root/Desktop/Linux/vpnclient modules
make[1]: Entering directory `/lib/modules/2.6.18-1.2849.fc6'
make[1]: *** No rule to make target `modules'.  Stop.
make[1]: Leaving directory `/lib/modules/2.6.18-1.2849.fc6'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
Already have group 'bin'

Creating start/stop script "/etc/init.d/vpnclient_init".
    /etc/init.d/vpnclient_init
Enabling start/stop script for run level 3,4 and 5.

Installing license.txt (VPN Client license) in "/opt/cisco-vpnclient/":

Installing bundled user profiles in "/etc/opt/cisco-vpnclient/Profiles/":
* Replaced Profiles: sample 

Copying binaries to directory "/opt/cisco-vpnclient/bin".
Adding symlinks to "/usr/local/bin".
    /opt/cisco-vpnclient/bin/vpnclient
    /opt/cisco-vpnclient/bin/cisco_cert_mgr
    /opt/cisco-vpnclient/bin/ipseclog
Copying setuid binaries to directory "/opt/cisco-vpnclient/bin".
    /opt/cisco-vpnclient/bin/cvpnd
Copying libraries to directory "/opt/cisco-vpnclient/lib".
    /opt/cisco-vpnclient/lib/libvpnapi.so
Copying header files to directory "/opt/cisco-vpnclient/include".
    /opt/cisco-vpnclient/include/vpnapi.h

Setting permissions.
    /opt/cisco-vpnclient/bin/cvpnd (setuid root)
    /opt/cisco-vpnclient (group bin readable)
    /etc/opt/cisco-vpnclient (permissions not changed)
* You may wish to change these permissions to restrict access to root.
* You must run "/etc/init.d/vpnclient_init start" before using the client.
* This script will be run AUTOMATICALLY every time you reboot your computer.
[root@localhost vpnclient]# /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: insmod: error inserting '/lib/modules/2.6.18-1.2849.fc6/CiscoVPN/cisco_ipsec.ko': -1 Invalid module format
Failed (insmod)
Any clue what could be wrong?
Reply With Quote
  #42  
Old 17th November 2006, 02:21 PM
stohn Offline
Registered User
 
Join Date: Jul 2005
Posts: 9
Quote:
Originally Posted by pabloguevara
# rpm -q --queryformat "%{name}-%{version}-%{release}.%{arch}\n" kernel
kernel-2.6.18-1.2849.fc6.i686
It looks like you missed a key part of the rpm check notably the "{,-devel}" at the end.
Code:
rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' kernel{,-devel}
Upon running the whole command, you should see something like:
Code:
kernel-2.6.18-1.2798.fc6.i686
kernel-devel-2.6.18-1.2798.fc6.i686
Ensure that both ix86 parts are the same. If they are NOT, that is the root of this topic. Acquire and install the correct packages, and try building vpnclient again.

[ Fedora Core 6 ]
Additionally be aware that you may have to create a sym link "config.h" in your source folder -- /usr/src/kernels/2.6.18-1.2849.fc6-i686/include/linux/ -- pointing to "autoconf.h" since in the latest kernels the config.h file has been obsoleted and vpnclient still looks for it.
Reply With Quote
  #43  
Old 20th November 2006, 12:49 AM
pabloguevara Offline
Registered User
 
Join Date: Apr 2005
Location: Buenos Aires
Posts: 98
Still, not able to install vpnclient.....

The rpm check seems fine...

Code:
[root@localhost ~]# rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' kernel{,-devel}
kernel-2.6.18-1.2849.fc6.i686
kernel-devel-2.6.18-1.2849.fc6.i686
But the installation fails with error "/root/Desktop/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory"
Code:
[root@localhost vpnclient]# ./vpn_install
Cisco Systems VPN Client Version 4.8.00 (0490) Linux Installer
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.

By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms. 


Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.


Directory containing linux kernel source code [/lib/modules/2.6.18-1.2849.fc6/build]

* Binaries will be installed in "/usr/local/bin".
* Modules will be installed in "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from "/lib/modules/2.6.18-1.2849.fc6/build" will be used to build the module.

Is the above correct [y]

Making module
make -C /lib/modules/2.6.18-1.2849.fc6/build SUBDIRS=/root/Desktop/vpnclient modules
make[1]: Entering directory `/usr/src/kernels/2.6.18-1.2849.fc6-i686'
  CC [M]  /root/Desktop/vpnclient/linuxcniapi.o
/root/Desktop/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory
make[2]: *** [/root/Desktop/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/root/Desktop/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/kernels/2.6.18-1.2849.fc6-i686'
make: *** [default] Error 2
Copying module to directory "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
Already have group 'bin'

Creating start/stop script "/etc/init.d/vpnclient_init".
    /etc/init.d/vpnclient_init
Enabling start/stop script for run level 3,4 and 5.

Installing license.txt (VPN Client license) in "/opt/cisco-vpnclient/":

Installing bundled user profiles in "/etc/opt/cisco-vpnclient/Profiles/":
* Replaced Profiles: sample 

Copying binaries to directory "/opt/cisco-vpnclient/bin".
Adding symlinks to "/usr/local/bin".
    /opt/cisco-vpnclient/bin/vpnclient
    /opt/cisco-vpnclient/bin/cisco_cert_mgr
    /opt/cisco-vpnclient/bin/ipseclog
Copying setuid binaries to directory "/opt/cisco-vpnclient/bin".
    /opt/cisco-vpnclient/bin/cvpnd
Copying libraries to directory "/opt/cisco-vpnclient/lib".
    /opt/cisco-vpnclient/lib/libvpnapi.so
Copying header files to directory "/opt/cisco-vpnclient/include".
    /opt/cisco-vpnclient/include/vpnapi.h

Setting permissions.
    /opt/cisco-vpnclient/bin/cvpnd (setuid root)
    /opt/cisco-vpnclient (group bin readable)
    /etc/opt/cisco-vpnclient (permissions not changed)
* You may wish to change these permissions to restrict access to root.
* You must run "/etc/init.d/vpnclient_init start" before using the client.
* This script will be run AUTOMATICALLY every time you reboot your computer.
[root@localhost vpnclient]# /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: insmod: error inserting '/lib/modules/2.6.18-1.2849.fc6/CiscoVPN/cisco_ipsec.ko': -1 Invalid module format
Failed (insmod)
Thoughts?
Reply With Quote
  #44  
Old 20th November 2006, 01:40 AM
mwette Offline
Registered User
 
Join Date: Nov 2005
Location: Los Angeles area
Posts: 887
Quote:
Originally Posted by pabloguevara
Still, not able to install vpnclient.....
Code:
make[1]: Entering directory `/usr/src/kernels/2.6.18-1.2849.fc6-i686'
  CC [M]  /root/Desktop/vpnclient/linuxcniapi.o
/root/Desktop/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory
make[2]: *** [/root/Desktop/vpnclient/linuxcniapi.o] Error 1
Thoughts?
Code:
# cd /usr/src/kernels/2.6.18-1.2849.fc6-i686
# cd include/linux
# ln -s autoconf.h config.h
Then try running vpnclient_install again.
Reply With Quote
  #45  
Old 20th November 2006, 02:33 AM
pabloguevara Offline
Registered User
 
Join Date: Apr 2005
Location: Buenos Aires
Posts: 98
GOT IT!! Thanks...I did build the sym link, but I did it wrong! Now it's working....I'm connected to the VPN....I got a couple of warnings on the installation output but it works!

Thanks!!
Code:
Making module
make -C /lib/modules/2.6.18-1.2849.fc6/build SUBDIRS=/root/Desktop/vpnclient modules
make[1]: Entering directory `/usr/src/kernels/2.6.18-1.2849.fc6-i686'
  CC [M]  /root/Desktop/vpnclient/linuxcniapi.o
  CC [M]  /root/Desktop/vpnclient/frag.o
  CC [M]  /root/Desktop/vpnclient/IPSecDrvOS_linux.o
  CC [M]  /root/Desktop/vpnclient/interceptor.o
/root/Desktop/vpnclient/interceptor.c: In function ‘handle_vpnup’:
/root/Desktop/vpnclient/interceptor.c:310: warning: assignment from incompatible pointer type
/root/Desktop/vpnclient/interceptor.c:334: warning: assignment from incompatible pointer type
/root/Desktop/vpnclient/interceptor.c:335: warning: assignment from incompatible pointer type
/root/Desktop/vpnclient/interceptor.c: In function ‘do_cleanup’:
/root/Desktop/vpnclient/interceptor.c:378: warning: assignment from incompatible pointer type
  CC [M]  /root/Desktop/vpnclient/linuxkernelapi.o
  LD [M]  /root/Desktop/vpnclient/cisco_ipsec.o
  Building modules, stage 2.
  MODPOST
WARNING: /root/Desktop/vpnclient/cisco_ipsec.o - Section mismatch: reference to .init.text: from .data between 'interceptor_dev' (at offset 0xb4) and 'interceptor_notifier'
WARNING: could not find /root/Desktop/vpnclient/.libdriver.so.cmd for /root/Desktop/vpnclient/libdriver.so
  CC      /root/Desktop/vpnclient/cisco_ipsec.mod.o
  LD [M]  /root/Desktop/vpnclient/cisco_ipsec.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.18-1.2849.fc6-i686'
Copying module to directory "/lib/modules/2.6.18-1.2849.fc6/CiscoVPN".
Already have group 'bin'
Reply With Quote
Reply

Tags
cisco, client, install, problem, vpn

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Same old Cisco VPN Client problem bluerratiq Servers & Networking 3 11th September 2008 12:11 PM
Fedora 8 - Cisco VPN Client problem roso_jose Servers & Networking 8 28th January 2008 03:56 AM
Cisco VPN Client install problem jpaulynice Servers & Networking 1 11th June 2006 06:31 AM
Can't install Cisco VPN client with 2.6.14-1.1644_FC4 biglinux Servers & Networking 1 2nd December 2005 12:44 PM
Cisco VPN Client Install Trouble!!! Pls help!! coolioo Servers & Networking 19 1st December 2005 05:33 PM


Current GMT-time: 21:21 (Wednesday, 23-08-2017)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat