公司用的是cisco vpn ,并且提供了一个打包好的客户端,可是是在windows下使用的.
最近一直用ubuntu,想把这个也挪到linux下用
有for linux的client,于是下载之。解压缩并编译,结果出错了
make -C /lib/modules/2.6.24-16-generic/build SUBDIRS=/usr/src/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.24-16-generic'
CC [M] /usr/src/vpnclient/linuxcniapi.o
In file included from /usr/src/vpnclient/Cniapi.h:15,
from /usr/src/vpnclient/linuxcniapi.c:31:
/usr/src/vpnclient/GenDefs.h:113: 错误: 与‘uintptr_t’类型冲突
include/linux/types.h:40: 错误: ‘uintptr_t’的上一个声明在此
make[2]: *** [/usr/src/vpnclient/linuxcniapi.o] 错误 1
make[1]: *** [_module_/usr/src/vpnclient] 错误 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.24-16-generic'
make: *** [default] 错误 2
Failed to make module "cisco_ipsec.ko".
开始以为是没有安装开发包和内核头文件,仔细看了看不是这样,提示头文件里面有冲突.原来是需要补丁,立刻搜索补丁,需要说明的是,补丁要和内核版本一致
查看内核版本
coolerfeng@coolerfeng-desktop:/usr/src/vpnclient$ uname -r
2.6.24-16-generic
需要下载2.6.24的
wget -q
http://projects.tuxx-home.at/cis ... t-linux-2.6.24.diff
然后patch一下
patch < vpnclient-linux-2.6.24.diff
接下来重新安装
sudo ./vpn_install
ok,这次编译成功了。
确保当前普通用户能使用。执行sudo chmod 4111 /opt/cisco-vpnclient/bin/cvpnd
开始使用,启动clientvpn。执行:$ sudo /etc/init.d/vpnclient_init start
然后要把windows下配置好的配置文件复制过来
在windows操作系统cisco client目录下的profilles,复制扩展名为pcf的文件到
/etc/opt/cisco-vpnclient/Profiles
然后开始连接,这里myVPN是pcf文件的文件名。
$ sudo vpnclient connect myVPN
接下来就是输入用户名和密码了,ok,连接成功了
coolerfeng@coolerfeng-desktop:~$ sudo vpnclient connect SOHU_CNC
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.24-16-generic #1 SMP Thu Apr 10 13:23:42 UTC 2008 i686
Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection.
Contacting the gateway at 202.106.180.11
User Authentication for SOHU_CNC...
The server has requested the following information to complete the user authentication:
Username [weizhou]: weizhou
Password []:
Authenticating user.
Negotiating security policies.
Securing communication channel.
Your VPN connection is secure.
VPN tunnel information.
Client address: 10.1.8.249
Server address: 202.106.180.11
Encryption: 168-bit 3-DES
Authentication: HMAC-MD5
IP Compression: None
NAT passthrough is active on port UDP 4500
Local LAN Access is disabled
公司的网络还需要二次验证,还要打开浏览器,访问一个内网ip,然后再次输入用户名密码
现在可以使用了。
