vpnc and me

After a brief hiatus of making posts (I document my daily trials all day at work, so it’s not usually the first thing I want to do when I get home) I’ve decided to make a beneficial post about how I can now do WORK (from home) on my Fedora 11-based laptop.  Hooray!

At the corporation where I work, our network and firewall infrastructure is – of course – Cisco-based.  Naturally, in order to connect to our corporate network from home, we use Cisco’s own VPN Client.  For distribution to various users across the company, my workplace has provided discs with pre-configured installations of this client, all set and ready to go to connect to our corporate network.  This prevents the dissemination of unnecessary information (VPN IP addresses, etc.) across the ranks, and makes it much easier for the non-savvy user to get connected.

I’ve all ready had a bit of experience using this client on my Windows Vista and Windows 7-based computers.  Unfortunately for me, the Cisco VPN Client we use at work only operates in a 32-bit Windows environment… meaning that on Windows Vista, I had to run a full-fledged copy of Virtual PC with a Windows XP installation.  In Windows 7, I was fortunate enough to be able to use its own built-in Windows XP Mode.

Trial and Error

My first thought to get this software working under Fedora 11 was probably the most simple – run it in Wine!  I’ve had limited experience with Wine in the past, but figured that it was probably my best bet to get the Windows-only Cisco client functioning.  Unfortunately for me, attempting to install the program in Wine only results in a TCP/IP stack error, so that was out of the question.

My next thought – slightly better than the first – came when it was announced that I could nab a copy of the Linux version of the Cisco VPN Client from work.  As luck might have it, it’s a bitch of a program to compile and install, and I had to stop myself short of throwing my laptop into the middle of our busy street before I just gave up.

Better Ideas

At this point, I was just about ready to try anything that could possibly get VPN connectivity working for me on my laptop.  Luckily, a quick search of ‘Cisco VPN Linux’ in Google shot back the wondrous program that is vpnc.  After seeing various peoples’ success with vpnc – a fully Linux-compatible Cisco VPN equivalent – I did a bit of reading up on the documentation and quickly installed it using yum:

$ yum install vpnc.x86_64

There, easy enough.  Further reading on vpnc indicated that I needed to edit a file known as default.conf – located in the /etc/vpnc directory – to store my VPN settings for work, if desired.  Opening up the config file included with the Windows version of the client, I pretty much copied everything over verbatim:

$ cd /etc/vpnc

$ nano default.conf

IPSec gateway [corporate VPN address]

Xauth username [domain ID]

Xauth password [domain password]

Domain [corporate domain]

From there, I performed a write out to the default.conf and saved my information.  The only complaint I might have about this step is that everything in this file is stored as plain-text, and does not appear encrypted whatsoever.  Since we are using a WPA2-encrypted wireless network and the VPN tunnel is secured, I wasn’t too concerned – but still.

At this point, I was now ready to test vpnc connectivity.  Typing in at the terminal

$ vpnc default.conf

I was rewarded with a triumphant ‘vpnc started in background’.  Hooray!  But what to do from here – how to connect to my work computer?  On Windows, I just use Remote Desktop… so logic following through as it does, I typed:

$ rdesktop [computername].[domain]

Instantly, I was showered in the beauty that was a full-screen representation of my Windows XP Professional-based work computer.

A shot of vpnc running in terminal, and my desktop running in rdesktop.
A shot of vpnc running in terminal, and my desktop running in rdesktop.

It certainly was not as easy a process as I’m making it out to be here – indeed, I did have to figure out to add .[domain] to the end of my computer name, as well as allow vpnc’s ports to flow through by performing a terminal netstat command and then opening them accordingly in the Fedora firewall – but I am now connected to work flawlessly, using open-source software.



4 Comments

  1. I’m learning Fedora myself and I find it interesting that Linux has a built-in utility for using remote desktops; similar to that of XP.

    rdesktop is the name of the program, correct? If there was another computer on your home network that allowed remote desktop connections, you would be able to remote in without a vpn correct?

    Great site, by the way.

  2. Hi Derek, I’m actually using tsclient in conjunction with rdesktop; I think they both do the same thing, but I was frustrated by remote desktop’s automatically launching into full screen mode (with no noticeable way to toggle out). Tsclient offers great customization options and a simple way to store user settings – it then launches rdesktop with those options.

    vpnc is only used for my connection into work. I am also able to use tsclient to view my desktop computer in both its Windows 7 and Windows Vista environments (as I have enabled remote connection abilities in those). So yes, I can connect to my home machines without going in through vpn.

    Glad to hear you’re enjoying the site. Feel free to spread the word – we’re all eager to get this information out there!

    PS – how are you enjoying Fedora so far?

  3. Thanks to your initial posts regarding the installation procedure, I’ve been enjoying it on a very limited basis. But I do plan on installing some different X-Windows themes and get a feel for what I like best there. I also want to try out GIMP to edit some photos. Mostly though, I think I am going to like the “peaceful” nature of the OS… that is, not every piece of software is going to be bugging me to buy something or upgrade something at all times.

    I look forward to learning a lot about this OS and this site is a big help to people like me who are pretty clueless. I was actually in a Linux class this past semester and I recommended it to my teacher who then showed it to the class; so you got some free advertising there 🙂 (although most of the students could care less about Linux)

Leave a Reply

Your email address will not be published.


*