Solaris x86 VPN client summary. Thank you to the following for your comments and suggestions: Michael Grice Gary Chambers Matthew Taylor Glenn Prince David Magda Al Saenz Vacations - It has been a while since I posted a question here, and amazingly, no one is on holiday. ================================ Down to business - With one exception, everyone suggested VPNC. No one has this working on Solaris that emailed me, but some indicated that they had it working on linux. This is the URL for VPNc: http://www.unix-ag.uni-kl.de/~massar/vpnc/ The one exception was for the Connectra SSL VPN extender. The Cisco VPN concentrator does not support SSL based VPN's, so I was not able to explore this option. ================================ Compiling VPNc My VPNc test platform is an Ultra 20 M2 running Solaris 10u3. I pulled down the VPNc 0.4.0 source code last evening, and ultimately got a good working compile. Why there was not any rocket-surgery involved, it wasn't a task for the timid or beginner. This application had roughly a dozen sub-dependencies I had to get compiled and installed prior to getting a good/working compile of VPNc. The bulk of problems encountered with the sub-dependencies revolved around ld. They needed the GNU ld. And it wasn't enough to do a ./configure --with-gnu-ld=/usr/local/bin/ld . I actually had to rename /usr/ccs/bin/ld to get a good compile. If you have to do this also, be sure to restore /usr/ccs/bin/ld afterwards, you will need it! The big exception to the sub-dependencies was the compiling/installing of the TUN/TAP kernel modules. I was not able to get a good compile and install till I used /usr/ccs/bin/ld . I was able to verify my TUN/TAP installation here with the following command: # modinfo | egrep -i 'tun|tap' ================================ VPNc installation/configuration/usage After I had a good installation of all of the sub-dependencies for VPNc, I was finally able to begin working with VPNc itself. The compile (make) was easy/quick/clean, but the "make install" operation really didn't do much of anything. I manually copied the binaries and scripts to /usr/local/sbin , and configuration files were put in /etc/vpnc/ . VPNc includes a script to convert your Cisco generated *.pcf file to a VPNc style configuration file. This script did a pretty good job, but I needed to do some manual clean up. Once complete, your configuration file should be named "default.conf" and moved to the /etc/vpnc/ subdirectory. ================================ Success? I ran out of time last night before I was fully complete, but before I needed to stop, but I was able to run VPNc, successfully log in, have VPNc display warning/disclaimer banners, and have the Cisco concentrator automatically set static routes to all of the internal networks. I was not able to pass any traffic through the tunnel before I needed to stop, but I am certain that I am very close. There are some scripting issues that I need to work through, but I feel that I will be successful using VPNc. ================================ Additional details This was suppose to be a short summary, but it is starting to look like a book. If anyone needs additional details of what I did, please email me off line, and I will assist to the best of my abilities. ================================ Original question > Currently, Cisco does not provide a VPN client for Solaris x86, although > there is one for Solaris Sparc. > > Does any one have a usable 3rd party functional VPN client that they use > to connect to a Cisco VPN concentrator. It could be 3rd party > commercial, shareware, freeware, open source, etc? > > A Yahoo search turns up many others asking the same question, but no > answers. > > Thanks for any comments, I will post a summary. _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Thu May 24 12:45:13 2007
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:05 EST