Mageia forum

[pnbalaji]

Hi,

I am working for a new client for which I need to connect to their network using Juniper VPN. Unfortunately, juniper vpn support in Linux seems to be still at infancy. I tried jvpn, but it doesn't work and fails with a "Error: 404 not found".

Upon googling, I see that OpenConnect version 7 seems to be supporting Juniper VPN. I have Mageia 5 and the openconnect version is still at 6 only.

Can some one help me in upgrading OpenConnect in Mageia? The latest version 7 is still not in Megeia repository AFAIK.

Thanks,
Balaji.

[doktor5000]

I tried jvpn, but it doesn't work and fails with a "Error: 404 not found".

Can you please post the full output here please?

For openconnect, you may need to configure the firewall, see also https://bugs.mageia.org/show_bug.cgi?id=17752
Also, have you yet tried to connect using openconnect, what was the result?

[pnbalaji]

Thanks for the response.

I have disabled shorewall in my home PC permanently.

When try to connect to the juniper VPN using openconnect, I get the below message.

Code: Select all

[{user}@localhost sbin]$ sudo openconnect --juniper {client_url}
[sudo] password for {user}:
openconnect: unrecognized option '--juniper'
Usage:  openconnect [options] <server>
Open client for Cisco AnyConnect VPN, version v6.00


I guess the above result is because Openconnect version v6.00 doesn't support juniper yet.

When I try to connect using jvpn, the results are below.

Code: Select all

{user}@localhost jvpn-0.7.0]$ sudo ./jvpn.pl
[sudo] password for {user}:
Enter PIN+password: **************
POST {client_url}
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:23.0) Gecko/20100101 Firefox/23.0
Content-Length: 96
Content-Type: application/x-www-form-urlencoded

btnSubmit=Sign+In&password={password}&realm={realm}&tz=60&username={client_userid}
HTTP/1.1 302 Found
Connection: close
Location: {client_url}
Content-Length: 0
Content-Type: text/html; charset=utf-8
Client-Date: Sat, 11 Jun 2016 00:45:12 GMT
Client-Peer: 198.152.46.82:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
Client-SSL-Cert-Subject: /C=US/ST=New Jersey/L=Basking Ridge/O={client}./OU={client_details}/CN={client_CN}
Client-SSL-Cipher: AES128-SHA256
Client-SSL-Socket-Class: IO::Socket::SSL
Set-Cookie: DSLaunchURL=2F6D66612D636F6E74726163746F72733A3434332F64616E612D6E612F617574682F75726C5F64656661756C742F6C6F67696E2E636769; path=/; Secure

(no content)
GET {client_welcome_url}
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:23.0) Gecko/20100101 Firefox/23.0
Cookie: DSLaunchURL=2F6D66612D636F6E74726163746F72733A3434332F64616E612D6E612F617574682F75726C5F64656661756C742F6C6F67696E2E636769
Cookie2: $Version="1"

(no content)
HTTP/1.1 302 Found
Connection: close
Location: {client_url}
Content-Length: 0
Content-Type: text/html; charset=utf-8
Client-Date: Sat, 11 Jun 2016 00:45:13 GMT
Client-Peer: 198.152.46.82:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
Client-SSL-Cert-Subject: /C=US/ST=New Jersey/L=Basking Ridge/O={client}./OU={client_details}/CN={client_CN}
Client-SSL-Cipher: AES128-SHA256
Client-SSL-Socket-Class: IO::Socket::SSL

(no content)
GET {client_URL}
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:23.0) Gecko/20100101 Firefox/23.0
Cookie: DSLaunchURL=2F6D66612D636F6E74726163746F72733A3434332F64616E612D6E612F617574682F75726C5F64656661756C742F6C6F67696E2E636769
Cookie2: $Version="1"

(no content)
HTTP/1.1 404 Not Found
Cache-Control: no-store
Connection: close
Pragma: no-cache
Content-Length: 2143
Content-Type: text/html; charset=utf-8
Expires: -1
Client-Date: Sat, 11 Jun 2016 00:45:13 GMT
Client-Peer: 198.152.46.82:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
Client-SSL-Cert-Subject: /C=US/ST=New Jersey/L=Basking Ridge/O={client}./OU={client_details}/CN={client_CN}
Client-SSL-Cipher: AES128-SHA256
Client-SSL-Socket-Class: IO::Socket::SSL
Link: </dana-na/css/ds.css>; rel="stylesheet"
Title: Junos Pulse Secure Access Service
X-Meta-Robots: none

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name=robots content="none">
<title>Junos&#32;Pulse&#32;Secure&#32;Access&#32;Service</title>\n
<script src="/dana-na/css/ds.js"></script>
<script>
  WriteCSS();
\40\40\n\n
</script>
<noscript>
<link rel="stylesheet" href="/dana-na/css/ds.css">
</noscript>
</head>\n
<body  bgcolor="#FFFFFF" color="#000000" link="#3366CC" vlink="#CC6699" alink="#3366CC" leftmargin="0" topmargin="0" rightmargin="0" marginwidth="0" marginheight="0">...
(+ 1631 more bytes not shown)
An error happened: 404 Not Found
[bneelka@localhost jvpn-0.7.0]$



I have removed my actual client details and replaced them with the text in curly braces {}.

Thanks,
Balaji.

[pnbalaji]

Hi,

I have downloaded the latest stable version of openconnect (v7.06) from GIT, ran configure, make and make install to install the latest version. Once latest version of openconnect is installed, I am able to connect to Juniper VPN with out any issues.

One tricky thing. The existing binary of openconnect is in /usr/sbin where as the latest version compiled from source is getting installed into /usr/local/sbin. I backed up the old version and created a softlink with the following command.

sudo ln -s /usr/local/sbin/openconnect /usr/sbin/openconnect.

Thanks,
Balaji.