使用 Ubuntu 14.04 64 位访问 Cisco VPN

使用 Ubuntu 14.04 64 位访问 Cisco VPN

我必须使用 Ubuntu 14.04 连接到 Cisco VPN,首先要使用 pcf 配置文件和用户凭据。我安装了 network-manager-vpnc,创建了一个导入已保存配置文件的新连接,并使用用户凭据填写了表单。尝试连接时,我收到了连接失败的消息。

我在 Windows 机器上执行了同样的步骤,安装了此客户端 http://www.asc.edu/downloads/CiscoVPN/Windows/ 并且它运行完美。

我尝试查看这两个程序的配置有什么不同。ubuntu 设置选项中缺少的是“启用透明隧道 - IpSec over UDP (NAT/PAT)”。我在 Ubuntu 网络管理器中没有类似的东西。我甚至不确定这是否是导致失败的原因。

我还尝试安装此处提供的“官方”Linux 客户端http://www.asc.edu/downloads/CiscoVPN/Linux/ 但我甚至无法安装它,因为似乎有路径问题

   Making module
linuxcniapi.c:14:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
interceptor.c:13:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
IPSecDrvOS_linux.c:16:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
frag.c:3:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
In file included from linuxkernelapi.c:1:0:
/lib/modules/3.13.0-35-generic/build/include/linux/string.h:17:24: fatal error: asm/string.h: No such file or directory
 #include <asm/string.h>
                        ^
compilation terminated.
ld: cannot find linuxkernelapi.o: No such file or directory
ld: cannot find frag.o: No such file or directory
ld: cannot find linuxcniapi.o: No such file or directory
ld: cannot find IPSecDrvOS_linux.o: No such file or directory
ld: cannot find interceptor.o: No such file or directory
Failed to make module "cisco_ipsec".

Ubuntu 14.04 有解决方案吗?

更新 1:

@MariusMatutiae

看起来和以前一样

dario@dario-70A4000MIT:~/Programs/vpnclient$ sudo apt-get install build-essential linux-headers-generic
[sudo] password for dario: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
linux-headers-generic is already the newest version.
The following extra packages will be installed:
  dpkg-dev g++ g++-4.8 libalgorithm-diff-perl libalgorithm-diff-xs-perl
  libalgorithm-merge-perl libstdc++-4.8-dev
Suggested packages:
  debian-keyring g++-multilib g++-4.8-multilib gcc-4.8-doc libstdc++6-4.8-dbg
  libstdc++-4.8-doc
The following NEW packages will be installed:
  build-essential dpkg-dev g++ g++-4.8 libalgorithm-diff-perl
  libalgorithm-diff-xs-perl libalgorithm-merge-perl libstdc++-4.8-dev
0 upgraded, 8 newly installed, 0 to remove and 6 not upgraded.
Need to get 8.896 kB of archives.
After this operation, 31,7 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://it.archive.ubuntu.com/ubuntu/ trusty/main libstdc++-4.8-dev amd64 4.8.2-19ubuntu1 [1.050 kB]
Get:2 http://it.archive.ubuntu.com/ubuntu/ trusty/main g++-4.8 amd64 4.8.2-19ubuntu1 [7.038 kB]
Get:3 http://it.archive.ubuntu.com/ubuntu/ trusty/main g++ amd64 4:4.8.2-1ubuntu6 [1.490 B]
Get:4 http://it.archive.ubuntu.com/ubuntu/ trusty-updates/main dpkg-dev all 1.17.5ubuntu5.3 [726 kB]
Get:5 http://it.archive.ubuntu.com/ubuntu/ trusty/main build-essential amd64 11.6ubuntu6 [4.838 B]
Get:6 http://it.archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-perl all 1.19.02-3 [50,0 kB]
Get:7 http://it.archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-xs-perl amd64 0.04-2build4 [12,6 kB]
Get:8 http://it.archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-merge-perl all 0.08-2 [12,7 kB]
Fetched 8.896 kB in 8s (1.042 kB/s)                                            
Selecting previously unselected package libstdc++-4.8-dev:amd64.
(Reading database ... 396766 files and directories currently installed.)
Preparing to unpack .../libstdc++-4.8-dev_4.8.2-19ubuntu1_amd64.deb ...
Unpacking libstdc++-4.8-dev:amd64 (4.8.2-19ubuntu1) ...
Selecting previously unselected package g++-4.8.
Preparing to unpack .../g++-4.8_4.8.2-19ubuntu1_amd64.deb ...
Unpacking g++-4.8 (4.8.2-19ubuntu1) ...
Selecting previously unselected package g++.
Preparing to unpack .../g++_4%3a4.8.2-1ubuntu6_amd64.deb ...
Unpacking g++ (4:4.8.2-1ubuntu6) ...
Selecting previously unselected package dpkg-dev.
Preparing to unpack .../dpkg-dev_1.17.5ubuntu5.3_all.deb ...
Unpacking dpkg-dev (1.17.5ubuntu5.3) ...
Selecting previously unselected package build-essential.
Preparing to unpack .../build-essential_11.6ubuntu6_amd64.deb ...
Unpacking build-essential (11.6ubuntu6) ...
Selecting previously unselected package libalgorithm-diff-perl.
Preparing to unpack .../libalgorithm-diff-perl_1.19.02-3_all.deb ...
Unpacking libalgorithm-diff-perl (1.19.02-3) ...
Selecting previously unselected package libalgorithm-diff-xs-perl.
Preparing to unpack .../libalgorithm-diff-xs-perl_0.04-2build4_amd64.deb ...
Unpacking libalgorithm-diff-xs-perl (0.04-2build4) ...
Selecting previously unselected package libalgorithm-merge-perl.
Preparing to unpack .../libalgorithm-merge-perl_0.08-2_all.deb ...
Unpacking libalgorithm-merge-perl (0.08-2) ...
Processing triggers for man-db (2.6.7.1-1) ...
Setting up libstdc++-4.8-dev:amd64 (4.8.2-19ubuntu1) ...
Setting up g++-4.8 (4.8.2-19ubuntu1) ...
Setting up g++ (4:4.8.2-1ubuntu6) ...
update-alternatives: using /usr/bin/g++ to provide /usr/bin/c++ (c++) in auto mode
Setting up dpkg-dev (1.17.5ubuntu5.3) ...
Setting up build-essential (11.6ubuntu6) ...
Setting up libalgorithm-diff-perl (1.19.02-3) ...
Setting up libalgorithm-diff-xs-perl (0.04-2build4) ...
Setting up libalgorithm-merge-perl (0.08-2) ...
dario@dario-70A4000MIT:~/Programs/vpnclient$ sudo ./vpn_install 
Cisco Systems VPN Client Version 4.8.02 (0030) Linux Installer
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.

By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms. 


Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.


Directory containing linux kernel source code [/lib/modules/3.13.0-35-generic/build]

* Binaries will be installed in "/usr/local/bin".
* Modules will be installed in "/lib/modules/3.13.0-35-generic/CiscoVPN".
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from "/lib/modules/3.13.0-35-generic/build" will be used to build the module.

Is the above correct [y]

Making module
linuxcniapi.c:14:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
interceptor.c:13:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
IPSecDrvOS_linux.c:16:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
frag.c:3:28: fatal error: linux/autoconf.h: No such file or directory
 #include <linux/autoconf.h>
                            ^
compilation terminated.
In file included from linuxkernelapi.c:1:0:
/lib/modules/3.13.0-35-generic/build/include/linux/string.h:17:24: fatal error: asm/string.h: No such file or directory
 #include <asm/string.h>
                        ^
compilation terminated.
ld: cannot find linuxkernelapi.o: No such file or directory
ld: cannot find frag.o: No such file or directory
ld: cannot find linuxcniapi.o: No such file or directory
ld: cannot find IPSecDrvOS_linux.o: No such file or directory
ld: cannot find interceptor.o: No such file or directory
Failed to make module "cisco_ipsec".

答案1

我设法按照此处接受的答案的建议建立了连接 https://askubuntu.com/questions/34045/how-do-i-get-this-cisco-vpn-client-to-connect 将选项添加--domain ""到启动命令中,并将 --enable-ldes 更改为 --enable-1des(我猜是打字错误)。

我把解决方案复制粘贴到这里,并做了一些修改

  1. 安装 vpnc 包:

    sudo apt-get install network-manager-vpnc
    
  2. 创建连接脚本,将下面的内容复制到名为 vpn-connect 的文件中,并将其放在某处路径上:

    \#!/bin/sh
    sudo vpnc --domain "" --local-port 0 --enable-1des /etc/vpnc/vpn.conf
    
  3. 复制 Windows Cisco VPN 客户端使用的 .pcf 文件并将其用作步骤 4 的基础。

  4. 现在需要在 /etc/vpnc 目录中创建 vpn.conf 文件。该文件的内容如下:

    IPSec ID <your ipsec id>
    IPSec gateway <your gateway address>
    IPSec secret <your ipsec secret>
    
    Xauth username <your username>
    Xauth password <your password>
    IKE Authmode psk
    

    <your username><your password>是显而易见的。

现在您已拥有连接所需的一切,因此请运行脚本:

vpn-connect

几秒钟后,它会返回以下消息:

VPNC started in background

感谢@MariusMatutiae 为我指明了正确的方向。由于我的声誉较低,我无法赞同他的评论。

答案2

由于涉及所有 OpenConnect 和 VPNC 内容,这感觉像是异端,但由于标题仅提到访问思科 VPN……

我一直在通过 Crouton chroot 软件在基于 Intel Core i3 的 Chromebox 上运行 LUbuntu 14.04 时遇到 Cisco AnyConnect 3.1.07021 问题(顺便说一句,Chromebox 上必须有 Intel 处理器才能运行 AnyConnect)。按照文档中的说明安装 AnyConnect 非常容易,安装后启动正常。但在后续登录时,它会启动并立即消失。

后来,我花了很多时间在 Google 上搜索并查看安装脚本,终于搞清楚了。LUbuntu 没有启动 Cisco 的 vpnagentd 服务。因此,我最终编写了一个脚本来启动代理;然后,趁此机会启动 AnyConnect GUI。它看起来像这样:

#!/bin/bash

agent_status=$(/etc/init.d/vpnagentd status)

if [[ "$agent_status" =~ 'is not running' ]]
then
  /etc/init.d/vpnagentd start
else
  /etc/init.d/vpnagentd restart
fi

/opt/cisco/anyconnect/bin/vpnui

现在,在 LXDE 中从菜单或任务栏按钮运行该脚本似乎有点棘手,但您可以像这样从终端运行该脚本(假设您将其命名为 vpn 并将其放在路径中的某个位置):

>>  vpn &

因此,如果您来到这里是因为您无法弄清楚为什么您的 AnyConnect 在安装后只能工作一次,我希望这会有所帮助!

相关内容