Author Topic: Vpn-client On C3k  (Read 8595 times)

miho

« on: April 12, 2005, 03:18:55 pm »
Hi!

Has anyone tried to install vpnc? I have trouble with the tun device. I only found a tun.o file for kernel 2.4.18. But as C3k uses 2.4.20 it won't be loaded. I need vpnc to get access to the internet from university.

Thanks for your help,

miho

piku

« Reply #1 on: April 13, 2005, 12:55:24 am »
Quote
Hi!

Has anyone tried to install vpnc? I have trouble with the tun device. I only found a tun.o file for kernel 2.4.18. But as C3k uses 2.4.20 it won't be loaded. I need vpnc to get access to the internet from university.

Thanks for your help,

miho

I'm working on building a kernel but no such luck.  The Zaurus cross compiler (official from Sharp) doesn't like my Gentoo box at all.  It's got a far too new gcc.  Now I could cross compile with that Glibc and I might get a working binary..  Anyway, I'm desperate for a vpn client but I can't get vpnc working with my PIX even on my amd64 box.  I'm so screwed.

miho

« Reply #2 on: April 14, 2005, 10:48:19 am »
Please let me know if you had any success!

aldanm

« Reply #3 on: May 09, 2005, 10:11:46 pm »
Hi!

I was able to get a tun module compiled, which should be attached to this post.

I couldn't get the ipsec module compiled as I don't have a dedicated linux box; however, I was able to connect to my university's vpn with the attached module and the ipsec compiled against 2.4.18 from http://www.liebchen-online.de/vpn-zaurus-cisco_en.html.  So far I haven't experienced any lock-ups, but I don't know how secure it is.  Hope it helps!

pipacs

« Reply #4 on: May 11, 2005, 05:10:49 pm »
Check out the feed at viperinz.sf.net/feed - it has both tun and ipsec for the stock C3000 kernel.

Btw. I just released the first alpha of  Viperin-Z which is a GUI for managing vpnc connections - comments are welcome!

daemon1

« Reply #5 on: May 12, 2005, 07:29:37 am »
Quote
Check out the feed at viperinz.sf.net/feed - it has both tun and ipsec for the stock C3000 kernel.

Btw. I just released the first alpha of  Viperin-Z which is a GUI for managing vpnc connections - comments are welcome!

Thanks pipacs! Just what was needed for the z... ipsec connectivity!  Going to give it a try tonight.
C3000 - Debian EABI - Kernel 2.6.23 of Angstrom

rickh

« Reply #6 on: May 12, 2005, 12:25:19 pm »
Has anybody actually gotten tun to work?  I get the module loaded fine.  The char device exists with 10, 200.  But I still get "can't open /dev/net/tun..." when I try to run vpnc.  It goes through all the prompts for gateway, ids and passwords before I get the error message.

What (simple, I'm sure) step am I missing?

R.
==
* SL-5600/Sharp 1.0 ROM w/1GB Lexar CF card, 1GB IBM Microdrive, 1GB PNY SD card, several Hitachi and MagicStor CF hard drives.
* Nokia N800 Internet tablet, 2GB Nokia MicroSD card, two 4GB Transcend SD cards.
* Nokia SU-8W Bluetooth keyboard.

pipacs

« Reply #7 on: May 12, 2005, 12:59:49 pm »
Quote
Has anybody actually gotten tun to work?  I get the module loaded fine.  The char device exists with 10, 200.  But I still get "can't open /dev/net/tun..." when I try to run vpnc.  It goes through all the prompts for gateway, ids and passwords before I get the error message.

I found this on Jens' site:

Quote
You will need the tun device of the kernel and iproute. Be careful, busybox has a bug at the moment making it impossible to create /dev/net/tun with the correct major and minor numbers. This is why I included /dev/net/tun in the vpnc package.

I guess I should update my package, too...

rickh

« Reply #8 on: May 12, 2005, 01:36:22 pm »
Quote
Quote
Has anybody actually gotten tun to work?  I get the module loaded fine.  The char device exists with 10, 200.  But I still get "can't open /dev/net/tun..." when I try to run vpnc.  It goes through all the prompts for gateway, ids and passwords before I get the error message.

I found this on Jens' site:

Quote
You will need the tun device of the kernel and iproute. Be careful, busybox has a bug at the moment making it impossible to create /dev/net/tun with the correct major and minor numbers. This is why I included /dev/net/tun in the vpnc package.

I guess I should update my package, too...
Okies.  I didn't have iproute.  Installed that and command line vpnc works great.  I installed the latest version of viperinz and haven't got that to work.  Doesn't look like there's any error, but it does nothing.  Doesn't provide any feedback.  Just says Not connected.

R.
==
« Last Edit: May 12, 2005, 01:37:09 pm by rickh »

pipacs

« Reply #9 on: May 12, 2005, 01:49:37 pm »
... or maybe not. The busybox mknod seems to work fine on the C3000. Are you running vpnc as root?

rickh

« Reply #10 on: May 12, 2005, 01:57:29 pm »
Quote
... or maybe not. The busybox mknod seems to work fine on the C3000. Are you running vpnc as root?
I was missing iproute for vpnc to work.  It works now.   Running as zaurus with sudo.

R.
==
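
The checks this exchange goes through for the "can't open /dev/net/tun" error (node present, character device with numbers 10, 200, caller has access), as an added shell example that is not part of any poster's reply. `check_tun_node` is a hypothetical helper name, and a `stat` that supports `-c` (GNU coreutils, or a busybox build with format support) is assumed.

```shell
#!/bin/sh
# Added example: diagnose why a VPN client cannot open the tun control node.
# The expected numbers (char device 10, 200) are the ones quoted in the thread.
# Usage: check_tun_node /dev/net/tun

# check_tun_node PATH [MAJOR MINOR]   (hypothetical helper)
# Prints one diagnosis word and returns 0 only when the node looks usable.
check_tun_node() {
    node=$1
    want_major=${2:-10}
    want_minor=${3:-200}

    if [ ! -e "$node" ]; then
        echo "missing"                 # module loaded but node never created
        return 1
    fi
    if [ ! -c "$node" ]; then
        echo "not-char-device"         # e.g. a plain file left by a bad mknod
        return 1
    fi

    # %t and %T are the device major and minor numbers in hexadecimal.
    set -- $(stat -c '%t %T' "$node")
    major=$(printf '%d' "0x$1")
    minor=$(printf '%d' "0x$2")
    if [ "$major" -ne "$want_major" ] || [ "$minor" -ne "$want_minor" ]; then
        echo "wrong-numbers:$major,$minor"
        return 1
    fi

    # The calling user must be able to read and write the node;
    # this is the "are you running as root?" question.
    if [ ! -r "$node" ] || [ ! -w "$node" ]; then
        echo "no-permission"
        return 1
    fi

    echo "ok"
    return 0
}
```

A node that passes all four checks rules out the device file itself, which points the search at other missing dependencies of the client.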

pipacs

« Reply #11 on: May 12, 2005, 03:08:52 pm »
Quote
I installed the latest version of viperinz and haven't got that to work.  Doesn't look like there's any error, but it does nothing.  Doesn't provide any feedback.  Just says Not connected.

If you've got some time and are willing to help with debugging viperinz:

1. Replace /usr/bin/viperinz-connect with this debug version

2. sudo chmod a+rx /usr/bin/viperinz-connect

3. Try to connect again

4. Look for vpnc errors in /var/log/viperinz.log

5. Check if the config file in /var/run/vpnc/viperinz.conf looks sane

Thanks!

rickh

« Reply #12 on: May 12, 2005, 04:35:55 pm »
Quote
Quote
I installed the latest version of viperinz and haven't got that to work.  Doesn't look like there's any error, but it does nothing.  Doesn't provide any feedback.  Just says Not connected.

If you've got some time and are willing to help with debugging viperinz:

1. Replace /usr/bin/viperinz-connect with this debug version

2. sudo chmod a+rx /usr/bin/viperinz-connect

3. Try to connect again

4. Look for vpnc errors in /var/log/viperinz.log

5. Check if the config file in /var/run/vpnc/viperinz.conf looks sane

Thanks!

OK.  Looks like it's connecting fine.  I see a good ip address on tun0.  Your GUI doesn't provide any sort of feedback though.  The lock remains in an "unlocked" position and still says "Not Connected" even though I'm passing through tun0.

As far as the log file for viperinz, it just tells me that it's started vpnc in the background.

Is there maybe another qtopia lib I'm missing?

R.
==
« Last Edit: May 12, 2005, 04:37:02 pm by rickh »

pipacs

« Reply #13 on: May 12, 2005, 07:24:21 pm »
Quote
OK.  Looks like it's connecting fine.  I see a good ip address on tun0.  Your GUI doesn't provide any sort of feedback though.  The lock remains in an "unlocked" position and still says "Not Connected" even though I'm passing through tun0.

Well, at least it's connecting... The GUI is monitoring /var/run/vpnc/vpnc.pid - do you have this file when connected? What are its permissions?

Quote
Is there maybe another qtopia lib I'm missing?

Don't think so (assuming you got the one in the feed)

 ~ pipacs.

piku

« Reply #14 on: May 15, 2005, 11:52:38 pm »
Quote
Quote
OK.  Looks like it's connecting fine.  I see a good ip address on tun0.  Your GUI doesn't provide any sort of feedback though.  The lock remains in an "unlocked" position and still says "Not Connected" even though I'm passing through tun0.

Well, at least it's connecting... The GUI is monitoring /var/run/vpnc/vpnc.pid - do you have this file when connected? What are its permissions?

Quote
Is there maybe another qtopia lib I'm missing?

Don't think so (assuming you got the one in the feed)

 ~ pipacs.

BTW Guys,

I finally successfully connected to my Cisco PIX Firewall with vpnc!  My problem all along has been our company's use of 1des instead of 3des..  I'll have to report that.  vpnc requires special --enable-1des so you are sure you have a connection that is effectively unencrypted.  I don't care much, just need the connection!  I use ssh anyway ;-)  The only requirement really was a slight modification of the vpnc-connect script to fix the gateway issue.  I'm going to be compiling and packaging the seemingly much better version of vpnc from cvs.  For some reason my /dev/net/tun device doesn't survive a reboot from what I noticed so far...

So to recap, install the tun from above in this thread, which works with tetsu kernel v18 or sharp rom, or whatever (I'm using cacko).  Install vpnc and run it.  Specify gateway ip, group name and pass and voilà.  Amazing!  An open source vpn client that works great!