06-17-2007 04:40 AM - edited 02-21-2020 03:06 PM
I've been trying with little success to connect to the VPN we have at work using the VPN clients I have on my x86 linux (Ubuntu Feisty v7.04) client. Our IT department has me using the prorpietary Cisco client for Mac OS X which works just fine and uses the same home network the linux box does.
I have moved over the .pcf to the linux box and am using the exact same user name and password the Mac client is using. However, whenever I try to connect I get:
eric@frank:/etc/init.d$ vpnclient connect cmg
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.20-06-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686
Config file directory: /etc/opt/cisco-vpnclient
privsep: unable to drop privileges: group set failed.
The application was unable to communicate with the VPN sub-system.
eric@frank:/etc/init.d$
Network security is not one of my skills. Any guidance as to how to proceed from here would be truly appreciated.
EB
06-18-2007 06:51 PM
From the looks of it, when you installed the client you did so as Sudo and need to modify the permission for the client to allow a normal user to run the vpn client.
Found this on Google..
chmod 4111 /opt/cisco-vpnclient/bin/cvpnd
06-19-2007 08:29 AM
I tried what you suggested and am now getting the following:
root@frank:/home/eric# chmod 4111 /opt/cisco-vpnclient/bin/cvpnd
root@frank:/home/eric# vpnclient connect cmg
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686
Config file directory: /etc/opt/cisco-vpnclient
Could not attach to driver. Is kernel module loaded?
The application was unable to communicate with the VPN sub-system.
root@frank:/home/eric#
New error, but no joy. Any other ideas?
Thanks.
EB
06-19-2007 08:31 AM
I tried what you suggested and am now getting the following:
root@frank:/home/eric# chmod 4111 /opt/cisco-vpnclient/bin/cvpnd
root@frank:/home/eric# vpnclient connect cmg
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i686
Config file directory: /etc/opt/cisco-vpnclient
Could not attach to driver. Is kernel module loaded?
The application was unable to communicate with the VPN sub-system.
root@frank:/home/eric#
New error, but no joy. Any other ideas?
Thanks.
EB
06-19-2007 08:56 AM
When you installed the client, did you ensure you have the correct kernel headers for the current running kernel version.
by typing uname-r you will get the kernel version number.
Using that information we can (in Ubuntu and other Debian based distributions) easily download the kernel headers with a command like this:
user@joe:~$ sudo apt-get install linux-headers-`uname -r`
Reading package lists... Done
Building dependency tree... Done
linux-headers-2.6.15-23-686 is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 66 not upgraded.
06-19-2007 09:11 AM
I am pretty sure I did not.
uname -r gives me:
eric@frank:~$ uname -r
2.6.20-16-generic
eric@frank:~$
Following what I think you wanted me to do, I entered:
eric@frank:~$ sudo apt-get install linux-headers-'2.6.20-16-generic'
Reading package lists... Done
Building dependency tree
Reading state information... Done
linux-headers-2.6.20-16-generic is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
eric@frank:~$
Does this help?
EB
06-28-2007 06:51 AM
I ran into a glitch with my cisco client on Ubuntu last night, it has been a while since I last used it. Went to run it and realized I was getting the same error as you!!
Looking at the Synaptic logs shows some automatic updates ran by Synaptic that modified files for cisco. If you remove and reinstall the cisco client (takes 1 minute) but leave the certificates and profiles (it will prompt you if you would like to remove them or not) you should be able to reconnect. This worked for me.
06-28-2007 08:21 AM
Could you please walk through with me what you reinstalled? Did you use Synaptic?
Thanks.
EB
06-28-2007 08:29 AM
I actually uninstalled the cisco vpn client. Then reinstalled it.
Navigate to the directory it is installed and issue the uninstall command.
(user@ubuntu /cisco/vpnclient$ sudo ./vpn_uninstall)
You will recieve a prompt to remove profiles and certificates, select No (unless you want to reinstall for the heck of it)
Then from the /cisco/vpnclient folder issue ./vpn_install
The client will reinstall and should work.
If not this link http://popey.com/node/62 has excellent step-by-step procedures for installing cisco client on ubuntu. Disregard the portion about getting the update that was for a previous version of the client, with the latest one this is unessasary.
Note if you follow the directions on the website above, they do not cover importing the certificate, you will also need to issue that command.
I hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide