Terry : Setting up vpnc

This page last changed on May 05, 2010 by terry.

Setting up VPNC

  1. VPNC is a cisco-compatible VPN client that works with the latest Ubuntu 64-bit kernels. It should also work with the 32-bit kernels, although this has not been tested. The official Cisco VPN Client from GDS causes a segmentation fault with the latest 64-bit kernels. VPNC has no such issues, and is therefore recommended. Following are the steps to get VPNC working.Compile and install vpnc with ssl support. The following information is taken from http://blog.fekw.de/2008/07/02/kubuntu-howto-build-vpnc-with-ssl-support. The version of vpnc form the Ubuntu adept repository doesn't have built-in SSL-support, so you have to build it from the sources manually.

For building deb packages:

apt-get install fakeroot debhelper dpatch

For compiling vpnc with ssl (hybrid authentication) support:

apt-get install libgcrypt11-dev openssl libssl-dev

*Create temp directory and get vpnc sources:

mkdir tmp_dir
cd tmp_dir
apt-get source vpnc

*Modify MAKEFILE. To enable OpenSSL certificate support cd to the directory containing the vpnc sources and uncomment following lines in MAKEFILE:

[source='csharp']
OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
OPENSSLLIBS = -lcrypto
[/source]

Build the package:

dpkg-buildpackage -rfakeroot

Install the package:

dpkg -i vpnc_0.5.1r275-1_amd64.deb

Create configuration files to specify how to connect to the vpn. Copy them to /etc/vpnc.

AmericasEast.conf:

IPSec ID Ora-Hybrid-Gen
IPSec gateway rm-enc.oracle.com
IPSec secret S!xhundr3dTh1rtyN!n3
IKE Authmode hybrid
CA-FILE /etc/vpnc/oracle_vpn_rootcert.pem
Script /etc/vpnc/vpnc-script
Xauth username <your username>
Xauth password <your password>
Application version Cisco Systems VPN Client 4.8.00 (0490) Linux

AmericasWest.conf:

IPSec ID Ora-Hybrid-Gen
IPSec gateway hq-enc.oracle.com
IPSec secret S!xhundr3dTh1rtyN!n3
IKE Authmode hybrid
CA-FILE /etc/vpnc/oracle_vpn_rootcert.pem
Script /etc/vpnc/vpnc-script
Xauth username <your username>
Xauth password <your password>
Application version Cisco Systems VPN Client 4.8.00 (0490) Linux

Australia.conf

IPSec ID Ora-Hybrid-Gen
IPSec gateway au-enc.oracle.com
IPSec secret S!xhundr3dTh1rtyN!n3
Xauth username username_cc
Application version Cisco Systems VPN Client 4.8.0 (A):Linux
IKE Authmode hybrid
CA-File /etc/vpnc/oracle.cert

Download the attached oracle_vpn_rootcert.pem to /etc/vpnc.

Create connect.sh and disconnect.sh automatically launch vpnc.

connect.sh:

#!/bin/bash

sudo vpnc AmericasWest.conf

export http_proxy=http://www-proxy.au.oracle.com:80/
export ftp_proxy=http://www-proxy.au.oracle.com:80/

exit 0

*disconnect.sh

#!/bin/bash

sudo vpnc-disconnect
  1. Simply run connect.sh and disconnect.sh to connect and disconnect from the Oracle VPN.