Skip to main content

How to use vpnc with a cisco vpn server

Build vpnc with Hybrid support need by the cisco vpn.

sudo apt-get build-dep vpnc

sudo apt-get install libssl-dev

mkdir -p ~/tmp/vpnc

cd ~/tmp/vpnc

apt-get source vpnc

cd vpnc-0.5.3r449

# Edit the file Makefile and uncomment line
#OPENSSL_GPL_VIOLATION=yes

dpkg-buildpackage

# Remove existing vpnc
sudo apt-get remove vpnc
sudo dpkg -i ../vpnc_0.5.3r449-2_i386.deb
Verify the hybrid mode by executing
vpnc --version| grep -i auth
Supported Auth-Methods: psk psk+xauth hybrid(rsa)
Extract/Convert Root Cert and Profiles

Download MacOS Cisco VPN client your_company_cisco_client.dmg

Mount HFS Archive to copy the files needed

sudo mkdir /tmp/cisco
sudo mount -t hfsplus your_company_cisco_client.dmg /tmp/cisco -o loop
cd /tmp/cisco
cp -r Profiles/ rootcert
cd
sudo umount /tmp/cisco
sudo rmdir /tmp/cisco

Use pcf2vpn to convert files.

mkdir ~/vpnc

$ for file in Profiles/*.pcf; \
do basename=`basename "$file"`; \
/usr/share/vpnc/pcf2vpnc Profiles/"$basename" ~/vpnc/"${basename%pcf}vpnc"; \
done

use openssl to convert your root cert to PEM format
openssl x509 -inform DER <> root_certificate.pem
to connect to bayarea (for example)
sudo vpnc --ca-file root_certificate.pem vpnc/bayarea.vpnc

Example vpnc file:

## generated by pcf2vpnc
# CA-File /etc/vpnc/root_certificate.pem
IPSec ID GeneralHybrid
IPSec gateway vpn.company.com
IPSec secret XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

IKE Authmode hybrid
IKE DH Group dh2

## To add your username and password,
## use the following lines:
# Xauth username
# Xauth password

Comments

Popular posts from this blog

Using a socks proxy

#ssh to a machine on the network you need access and start # a local socks server ssh -D 9999 httpserver.blah.com
# setweb browser proxy to proxy: localhost:9999
# To use other apps with socks install sudo apt-get install tsocks
# Change config file to (remove everything else) /etc/tsocks.conf server = 127.0.0.1 server_port = 9999
# ssh to a machine tsocks ssh -X httpserver.blah.com
# eclipse to a machine tsocks eclipse
reference: using tsocks for tunneling cmds lines and everything else http://www.plenz.com/tunnel-everything

Ubuntu 17.10 running on Lenovo Yoga 920 with HiDPI and touch screen support

I resized the windows partiton to the minimun necessary (100G), disabled secure boot and I also remove bitlocker key encryption on windows drive, this allows Ubuntu to see that partition and allow windows to boot with secure boot disabled, without complaning.

This makes everything go easier if you want to keep windows arround on the same disk and dual boot with Ubuntu, you should do this it helps a lot. Even after you disable this, you can re-enable it back, both secure boot and bitlocker key encryption.

Before installing on windows updates resize your windows partition, installing all windows updates will not alow you to gain as much space as possible. After resizing the windows partition to the minimium size you want, install all windows updates, bios and driver updates.

I upgraded all windows updates to the latest version and all drivers to the latest version and upgraded the bios on windows to the latest version before installing Ubuntu, I don't think this makes much differenc…

Chrome OS advanced commands, settings, expert features

Chrome OS advanced commands, settings, expert features All features described here where tested on a Asus C302 Chromebook, but should work on all Chromebooks, screenshots are from the Asus C302.
Recovery Install new factory image for your chrome book
https://support.google.com/chromebook/answer/1080595?hl=en

Perform a Hard Reset Go to settings select the reset section, you can do a reset or a powerwash.

Force-Boot Into Recovery Mode If you’d like to reinstall Chrome OS and you don’t see the “Chrome OS is missing or damaged” message on your screen, you can force your Chromebook to boot into recovery mode.

First, turn off your Chromebook. Next, press Esc + Refresh on the keyboard and hold down the Power button. Your Chromebook will boot straight to recovery mode.

Enable Canary First, turn off your Chromebook. Press Esc+Refresh+Power and, when the recovery prompt appears, press Ctrl+D and accept the prompt that appears to disable boot verification. When the Chromebook reboots, press Ctrl…