Thursday, August 09, 2007

Install Cisco VPN Client on Linux

#!/bin/bash

# Fedora Core Cisco VPN Client install notes by Jason Roysdon - http://jason.roysdon.net/
# Creative Commons Attribution-ShareAlike 2.5 - http://creativecommons.org/licenses/by-sa/2.5/
# http://jason.roysdon.net/credits.html

# This patch allows the Cisco VPN Client 4.8.00 (0490) to install with the 2.6.19 kernel.
# It should work for other distros, but here are my FC5/FC6-specific notes.
#

# original source of fix:
# http://www.tuxx-home.at/cmt.php?article=/2006/12/07/T09_36_48/index.html
# patch:
# http://www.tuxx-home.at/projects/cisco-vpnclient/vpnclient-linux-2.6.19.diff

# Run this as root

# Kernel development packages required for the install below.
#  - kernel-devel: fc3 used to ship the kernel source info with the kernel
#    rpm, but as of kernel-2.6.12-1.1372_FC3 it is a separate package.
#  - kernel-smp-devel.i686: with fc5 I also need this one for my P4, which
#    looks like an SMP machine.
for devel_pkg in kernel-devel kernel-smp-devel.i686; do
  yum -y install "$devel_pkg"
done

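# Working directory for the downloads. Stop if it cannot be created or
# entered: every later step runs as root and uses relative paths, so carrying
# on from the wrong directory would download, unpack and patch files there.
mkdir -p /opt/download || exit 1
cd /opt/download || exit 1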

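# CCO credentials: set CCO_USER / CCO_PASS in the environment rather than
# editing them into this file; the placeholders are kept as fallbacks.
# NOTE(security): both URLs are plain http://, so the credentials and the
# client tarball cross the network unencrypted, and --password places the
# password on wget's command line, where other local users can read it from
# the process list. No checksum of the tarball is checked here; compare it
# with a vendor-published hash, if you have one, before unpacking it.
cco_user=${CCO_USER:-YOUR-CCO-USER}
cco_pass=${CCO_PASS:-YOUR-CCO-PW}
cco_dir=http://ftp-sj.cisco.com/cisco/crypto/3DES/vpn/client/linux

echo 'You must login to CCO manually and attempt to download the client for their ftp server to recognize your request:'
echo 'http://cisco.com/cgi-bin/tablebuild.pl/vpnclient-3des'

# Stop if the client tarball cannot be fetched: nothing below works without it.
wget -c --user="$cco_user" --password="$cco_pass" \
  "$cco_dir/vpnclient-linux-x86_64-4.8.00.0490-k9.tar.gz" || exit 1
# The readme is informational only, so a failed download is not fatal.
wget -c --user="$cco_user" --password="$cco_pass" \
  "$cco_dir/vpnclient-linux-4.8.00.0490-readme.txt"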

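# Unpack the client and enter its directory. Stop on failure: the patch and
# the installer below use relative paths and would otherwise run, as root,
# against whatever directory the script happens to be in.
tar -xzvf vpnclient-linux-x86_64-4.8.00.0490-k9.tar.gz || exit 1
cd vpnclient || exit 1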

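# get 2.6.19 patch
# NOTE(security): the diff arrives over unauthenticated FTP and changes files
# that ./vpn_install then installs as root. Read it, or compare it with the
# original patch URL listed at the top of this script, before running.
# Stop on a failed download or a rejected hunk rather than installing
# unpatched or half-patched files.
wget -c ftp://jason.roysdon.net/pub/jroysdon/linux/vpnclient-linux-2.6.19.diff || exit 1
patch -i vpnclient-linux-2.6.19.diff || exit 1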

# /usr/local/bin is missing on a stock FC6, so create it when it is not there.
[ -d /usr/local/bin ] || mkdir -p /usr/local/bin

# Launch the installer and take the defaults it offers.
./vpn_install

# I want my non-root user to be able to start the vpn, so cvpnd is made
# setuid, execute-only for everyone.
# NOTE(security): a setuid daemon owned by root runs with root privileges for
# every local user who launches it, so any flaw in cvpnd is exposed to all
# local accounts. Where only a few accounts need the VPN, a dedicated group
# and no "other" execute bit narrows that exposure.
cvpnd_bin=/opt/cisco-vpnclient/bin/cvpnd
chmod 4111 "$cvpnd_bin"

# First start of the service.
vpn_init=/etc/init.d/vpnclient_init
"$vpn_init" start

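# I like to quickly be able to see what connections I have with a custom
# 'vpnlist' command. It prints the profile directory and its contents.
# The script is installed 0755, not setuid: Linux ignores the setuid bit on
# interpreted scripts, and an execute-only script (no read bit) cannot be run
# by non-root users because the shell has to read it.
# NOTE(review): whether a non-root user can list the Profiles directory
# depends on the permissions the installer gave it - confirm.
cat > /usr/local/bin/vpnlist <<'EOF'
#!/bin/sh
echo
echo /etc/opt/cisco-vpnclient/Profiles/
ls -b /etc/opt/cisco-vpnclient/Profiles/
echo
EOF
chmod 0755 /usr/local/bin/vpnlist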

# Runlevel 4 is what I boot into to preserve battery or to get a fast bootup
# with minimal services, so the VPN init script stays off there.
lean_runlevel=4
chkconfig --level "$lean_runlevel" vpnclient_init off