Cisco VPN client on Linux


Connect to NYU VPN via Linux - by Karan Gupte


BEFORE YOU START READING AND FOLLOWING THIS GUIDE, LET ME MAKE IT ABSOLUTELY CLEAR THAT THIS DOCUMENT IS BASED ENTIRELY ON THE STEPS I FOLLOWED TO GET THE NYU VPN CLIENT UP AND RUNNING ON MY MACHINE. THERE IS NO GUARANTEE THAT IT WILL WORK ON YOURS AS WELL. SO IF ANYTHING GOES WRONG, I AM NOT TO BE BLAMED.

HAVING SAID THAT, I STILL BELIEVE THAT IF YOU FOLLOW THESE STEPS THEN YOU SHOULD BE VERY CLOSE TO GETTING THE VPN CLIENT INSTALLED AND RUNNING, IF AT ALL IT DOESN'T RUN.

ALSO, IT IS POSSIBLE THAT THERE ARE ERRORS IN THIS PAGE OR THAT SOME OF YOU GUYS KNOW OF A BETTER APPROACH OF HOW TO DO THINGS. IN CASE YOU DO, PLEASE LET ME KNOW (karangupte@gmail.com) SO THAT I CAN ADD YOUR SUGGESTIONS TO THIS PAGE AS WELL. REMEMBER, THE MAIN PURPOSE OF THIS PAGE IS TO HELP PEOPLE USE THE NYU VPN ON LINUX AND ALL SUGGESTIONS/CORRECTIONS ARE WELCOME :)


INSTALLING LINUX :-

I am not going to elaborate on this right now. I assume you are comfortable installing Linux on your own. If not, you should probably use Google and you'll get hundreds of websites explaining how to install Linux. I recommend using the Ubuntu 5.10 "Breezy Badger" distro as I got my Cisco VPN client up and running on the same without many problems. Also it is one of the fastest distros to install. Make sure that the distro you are using has a kernel newer than 2.6.8 as previous kernels do not have firmware for ipw2200 included.


INSTALLING THE CISCO VPN CLIENT :-

1. Download vpnclient-linux-4.7.00.0640-k9.tar.gz from somewhere. (I know that this is the major headache of the entire process ... getting the VPN client.) The NYU Med school IT dept. has a version of this on CD which you can obtain from them. Another alternative is Google. Your chances of finding this file are not too bad ;)

Remember, do not download the 4.6 version that is distributed freely by Cisco, since I was not able to get its installation script running, whereas the 4.7 version installed without any hassles.

2. Make sure you have the correct kernel source and the correct kernel headers.
To find your Kernel version : uname -a
e.g. karan@KUMBHKARAN:~$ uname -a
Linux KUMBHKARAN 2.6.12-10-386 #1 Sat Mar 11 16:13:17 UTC 2006 i686 GNU/Linux

Now that you know your Kernel version .. say 2.6.x

To install Kernel Source : sudo apt-get install kernel-source-2.6.x

To install Kernel Headers : sudo apt-get install kernel-headers-2.6.x.x

Alternately, you can also download the exact package for your kernel source from http://www.kernel.org/pub/linux/kernel/v2.6/
Please find some more documentation that explains how to install kernel source from a tar.gz archive otherwise you may end up doing serious damage to your installation.

I am not sure about Kernel headers in this case though. But if you have Ubuntu or Debian it would be easier to connect to the internet via an ethernet cable and do an apt-get install for the kernel-source and kernel header packages.

3. Now that you have the correct headers and the correct source


CONFIGURATION FILE :-

Once you have installed the Cisco VPN Client, create the configuration file /etc/opt/cisco-vpnclient/Profiles/nyu.pcf

The file should look like this (thanks to Eblyn M Felix for the GroupPwd line):
------------------------------------------------------------------------------------------------------------
[main]
Description=NYU VPN
Host=vpn.nyu.edu
AuthType=1
GroupName=nyu-vpn
GroupPwd=nyu-net
EnableISPConnect=0
ISPConnectType=0
ISPConnect=
ISPCommand=
Username=kpg231
SaveUserPassword=0
EnableBackup=0
BackupServer=
EnableNat=1
CertStore=0
CertName=
CertPath=
CertSubjectName=
CertSerialHash=00000000000000000000000000000000
DHGroup=2
ForceKeepAlives=0
UserPassword=
enc_UserPassword=
TunnelingMode=1
TCPTunnelinPort=443
------------------------------------------------------------------------------------------------------------
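
A quick check for a profile like the one above, as an added example that is not part of the original guide: the shell functions below flag a stored user password and a GroupPwd that other local users can read. The sample profile and its host, group and password values are constructed, and the chmod 600 advice assumes the client is run as root, as in the session shown on this page.

```shell
#!/bin/sh
# Added example, not from the original guide: lint a .pcf profile for
# secrets left on disk.

# pcf_get FILE KEY: print KEY's value. Keys are matched case-insensitively
# (a choice made for this lint) and a trailing CR is dropped.
pcf_get() {
    awk -v k="$2" '
        { sub(/\r$/, ""); eq = index($0, "=") }
        eq && tolower(substr($0, 1, eq - 1)) == tolower(k) {
            print substr($0, eq + 1); exit
        }' "$1"
}

# audit_pcf FILE: print one finding per line; return 1 if any were found.
audit_pcf() {
    f=$1; bad=0
    save=$(pcf_get "$f" SaveUserPassword)
    if [ -n "$save" ] && [ "$save" != "0" ]; then
        echo "SaveUserPassword=$save: the client may keep the user password"; bad=1
    fi
    for key in UserPassword enc_UserPassword; do
        if [ -n "$(pcf_get "$f" "$key")" ]; then
            echo "$key is set: a user password is stored in the profile"; bad=1
        fi
    done
    # GroupPwd is a shared secret: flag it when other users can read the file.
    if [ -n "$(pcf_get "$f" GroupPwd)" ] && [ -n "$(find "$f" -perm -004)" ]; then
        echo "GroupPwd is readable by all local users: chmod 600 $f"; bad=1
    fi
    return $bad
}

# Constructed sample: a cut-down profile using key names from the guide,
# with made-up values, a stored password and world-readable permissions.
demo=$(mktemp)
printf '%s\n' '[main]' 'Host=vpn.example.edu' 'GroupName=example-group' \
    'GroupPwd=example-secret' 'SaveUserPassword=1' 'UserPassword=example-pass' \
    'enc_UserPassword=' > "$demo"
chmod 644 "$demo"
audit_pcf "$demo" || echo "=> fix the findings above before connecting"
rm -f "$demo"
```
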

USING THE VPN CLIENT :-

1. Assuming that your laptop has two interfaces eth0 and eth1 where eth0 is the wireless interface and eth1 is the wired interface, first check which of the interfaces are enabled when you log in to your system. Make sure that your eth1 (wired interface) is disabled. Enable your wireless interface using the following parameters. Note:- ESSID is case sensitive.

CONNECTION:-
Select "Enable this Connection"

WIRELESS SETTINGS :-
ESSID: NYU-ROAM3
Keytype: Hexadecimal
WEP Type: [leave blank]

CONNECTION SETTINGS :-
CONFIGURATION: Select DHCP.
IP Address: [leave blank]
Subnet Mask: [leave blank]
Netmask: [leave blank]

2. If you did not select the option to start the VPN client at bootup, then run /etc/init.d/vpnclient_init start. If you selected the option to start the VPN client on booting, then proceed directly to step 3.

3. Now, to start the VPN tunnel, type vpnclient connect nyu, where /etc/opt/cisco-vpnclient/Profiles/nyu.pcf is the file containing your connection settings.

The rest of the details will be entered on the command line as follows:-
-------------------------------------------------------------------------------------------

root@KUMBHKARAN:~# vpnclient connect nyu
Cisco Systems VPN Client Version 4.7.00 (0640)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.12-10-386 #1 Sat Mar 11 16:13:17 UTC 2006 i686
Config file directory: /etc/opt/cisco-vpnclient

Initializing the VPN connection.
Initiating TCP to 192.76.177.230, port 10000
Contacting the gateway at 192.76.177.230
Initiating TCP to 192.76.177.226, port 10000 (balancing)
Contacting the gateway at 192.76.177.226
User Authentication for nyu...

Enter Username and Password.

Username [kpg231]: kpg231
Password []:
Authenticating user.
Negotiating security policies.
Securing communication channel.

Welcome to the NYU VPN Service for NYURoam. If you are having difficulty accessing NYURoam, please contact the ITS Client Services Center at 1-212-998-3333 or its.clientservices@nyu.edu.
Do you wish to continue? (y/n): y

Your VPN connection is secure.

VPN tunnel information.
Client address: 216.165.96.23
Server address: 192.76.177.226
Encryption: 168-bit 3-DES
Authentication: HMAC-MD5
IP Compression: None
NAT passthrough is active on port TCP 10000
Local LAN Access is disabled

---------------------------------------------------------------------------------------------
