Installing Cisco VPN Client On Ubuntu 9.10
Download the latest version and avoid geting the following error messages. I used version 4.8.00.0490, but make sure you use 4.8.02.0030.
Cisco Systems VPN Client Version 4.8.00 (0490) Linux Installer
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.Directory where binaries will be installed [/usr/local/bin]
Automatically start the VPN service at boot time [yes]yes
In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.
Directory containing linux kernel source code [/lib/modules/2.6.31-14-generic/build]* Binaries will be installed in “/usr/local/bin”.
* Modules will be installed in “/lib/modules/2.6.31-14-generic/CiscoVPN”.
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from “/lib/modules/2.6.31-14-generic/build” will be used to build the module.Is the above correct [y]y
Making module
make -C /lib/modules/2.6.31-14-generic/build SUBDIRS=/home/ubuntu/Downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-14-generic’
CC [M] /home/ubuntu/Downloads/vpnclient/linuxcniapi.o
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory
In file included from /home/ubuntu/Downloads/vpnclient/Cniapi.h:15,
from /home/ubuntu/Downloads/vpnclient/linuxcniapi.c:27:
/home/ubuntu/Downloads/vpnclient/GenDefs.h:113: error: conflicting types for ‘uintptr_t’
include/linux/types.h:41: note: previous declaration of ‘uintptr_t’ was here
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c: In function ‘CniInjectReceive’:
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:297: error: implicit declaration of function ‘skb_set_timestamp’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:331: error: ‘struct sk_buff’ has no member named ‘nh’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:332: error: ‘struct sk_buff’ has no member named ‘mac’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c: In function ‘CniInjectSend’:
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:454: error: ‘struct sk_buff’ has no member named ‘mac’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:455: error: ‘struct sk_buff’ has no member named ‘nh’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:458: error: ‘struct sk_buff’ has no member named ‘h’
/home/ubuntu/Downloads/vpnclient/linuxcniapi.c:458: error: ‘struct sk_buff’ has no member named ‘nh’
make[2]: *** [/home/ubuntu/Downloads/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/home/ubuntu/Downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-14-generic’
make: *** [default] Error 2
Failed to make module “cisco_ipsec.ko”.
Downloading Cisco VPN Client And Patch
- sudo wget http://projects.tuxx-home.at/ciscovpn/clients/linux/4.8.02/vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz
- sudo tar -zxvf vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz
- cd vpnclient
- sudo wget http://lamnk.com/download/vpnclient-linux-2.6.31-final.diff
- sudo apt-get install patch
- patch < ./vpnclient-linux-2.6.31-final.diff
- copy and paste the next command
sudo sed -i 's/const\ struct\ net_device_ops\ \*netdev_ops;/struct\ net_device_ops\ \*netdev_ops;/' `find /usr/src -name netdevice.h`
- sudo ./vpn_install
Cisco Systems VPN Client Version 4.8.02 (0030) Linux Installer
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.Directory where binaries will be installed [/usr/local/bin] <enter>
Automatically start the VPN service at boot time [yes] <enter>
In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.Directory containing linux kernel source code [/lib/modules/2.6.31-14-generic/build] <enter>
* Binaries will be installed in “/usr/local/bin”.
* Modules will be installed in “/lib/modules/2.6.31-14-generic/CiscoVPN”.
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from “/lib/modules/2.6.31-14-generic/build” will be used to build the module.Is the above correct [y] <enter>
Making module
make -C /lib/modules/2.6.31-14-generic/build SUBDIRS=/home/ubuntu/Downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-14-generic’
CC [M] /home/ubuntu/Downloads/vpnclient/linuxcniapi.o
CC [M] /home/ubuntu/Downloads/vpnclient/frag.o
CC [M] /home/ubuntu/Downloads/vpnclient/IPSecDrvOS_linux.o
CC [M] /home/ubuntu/Downloads/vpnclient/interceptor.o
/home/ubuntu/Downloads/vpnclient/interceptor.c: In function ‘interceptor_init’:
/home/ubuntu/Downloads/vpnclient/interceptor.c:140: warning: assignment discards qualifiers from pointer target type
CC [M] /home/ubuntu/Downloads/vpnclient/linuxkernelapi.o
LD [M] /home/ubuntu/Downloads/vpnclient/cisco_ipsec.o
Building modules, stage 2.
MODPOST 1 modules
WARNING: could not find /home/ubuntu/Downloads/vpnclient/.libdriver.so.cmd for /home/ubuntu/Downloads/vpnclient/libdriver.so
CC /home/ubuntu/Downloads/vpnclient/cisco_ipsec.mod.o
LD [M] /home/ubuntu/Downloads/vpnclient/cisco_ipsec.ko
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-14-generic’
Create module directory “/lib/modules/2.6.31-14-generic/CiscoVPN”.
Copying module to directory “/lib/modules/2.6.31-14-generic/CiscoVPN”.
Already have group ‘bin’Creating start/stop script “/etc/init.d/vpnclient_init”.
/etc/init.d/vpnclient_init
Enabling start/stop script for run level 3,4 and 5.
Creating global config /etc/opt/cisco-vpnclient
Installing license.txt (VPN Client license) in “/opt/cisco-vpnclient/”:
/opt/cisco-vpnclient/license.txt
Installing bundled user profiles in “/etc/opt/cisco-vpnclient/Profiles/”:
* New Profiles : sampleCopying binaries to directory “/opt/cisco-vpnclient/bin”.
Adding symlinks to “/usr/local/bin”.
/opt/cisco-vpnclient/bin/vpnclient
/opt/cisco-vpnclient/bin/cisco_cert_mgr
/opt/cisco-vpnclient/bin/ipseclog
Copying setuid binaries to directory “/opt/cisco-vpnclient/bin”.
/opt/cisco-vpnclient/bin/cvpnd
Copying libraries to directory “/opt/cisco-vpnclient/lib”.
/opt/cisco-vpnclient/lib/libvpnapi.so
Copying header files to directory “/opt/cisco-vpnclient/include”.
/opt/cisco-vpnclient/include/vpnapi.h
Setting permissions.
/opt/cisco-vpnclient/bin/cvpnd (setuid root)
/opt/cisco-vpnclient (group bin readable)
/etc/opt/cisco-vpnclient (group bin readable)
/etc/opt/cisco-vpnclient/Profiles (group bin readable)
/etc/opt/cisco-vpnclient/Certificates (group bin readable)
* You may wish to change these permissions to restrict access to root.
* You must run “/etc/init.d/vpnclient_init start” before using the client.
* This script will be run AUTOMATICALLY every time you reboot your computer.
Starting Cisco VPN Client
- copy your .pcf file to /etc/opt/cisco-vpnclient/Profiles/<filename>.pcf
- sudo /etc/init.d/vpnclient_init start
- sudo vpnclient connect <filename>
Initializing the VPN connection.
Enter Username and Password.
Username []:
Password []:
Authenticating user.
Negotiating security policies.
Securing communication channel.Your VPN connection is secure.
To disconnect the VPN connection just hit CTRL+C.
Dear friend, Thanks a lot. It works awesome!!!!
Thank you, simple, easy to follow guide.
Hello I get this error on my ubuntu 9.10 64 bits:
Is the above correct [y]
Making module
make -C /lib/modules/2.6.31-17-generic/build SUBDIRS=/usr/src/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-17-generic’
scripts/Makefile.build:49: *** CFLAGS was changed in “/usr/src/vpnclient/Makefile”. Fix it to use EXTRA_CFLAGS. Stop.
make[1]: *** [_module_/usr/src/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-17-generic’
make: *** [default] Error 2
Failed to make module “cisco_ipsec.ko”.
Thanks a lot, very good
wow .. works great.
Thanks a lot man.
Have fun
Eld
And what is the procedure to uninstall ?
Thanks
Thanks it works Great.
here is what it said:
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686
Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection.
Contacting the gateway at 130.194.13.1
Secure VPN Connection terminated locally by the Client
Reason: Remote peer is no longer responding.
There are no new notification messages at this time.
What is it and what should I do?
After updating my kernel to 2.6.31-17 the Cisco client stopped working.
After starting the vpnclient I got the following error:
$ sudo /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: module directory /lib/modules/2.6.31-17-generic/CiscoVPN not found.
To correct this I just copied the CiscoVPN directory from the kernel where I installed the client:
$ sudo cp -R /lib/modules/2.6.31-16-generic/CiscoVPN /lib/modules/2.6.31-17-generic/
Now it works again:
$ sudo /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: Done
@nmz
I see you are using version 4.8.01.0640, I’ve had the same problem. Please install version 4.8.02.0030 and try again.
Joep Cremers,
How to uninstall the previous version.
please.
I am also getting the same error as Xavier above. I’m using the same 64-bit kernel version as well.
thx @Joep Cremers i was the same problem here! after update the kernel thhe vpn stop work! you coments help a lot
About 64-bit (Xavier)
Cisco officially announced that they will not be providing a 64-bit
version, although there are some patches which will help you check:
http://ubuntuforums.org/showthread.php?t=592475
Thank You Very Much!
I was only using Windows because of VPN could only run on that system but today I could run it on Ubuntu thanks to you.
I am getting connected to the VPN but the VPN got disconnected after 10-15 mins. This keeps on repeating.
Also when VPN is connected, I am not able to search the internet as firefox is always looking for the site and not able to connect.
How would I resolve the issues? Please help.
I did all as per the procedure, but i am getting this error
anoop@anoop-desktop:~/vpnclient$ sudo ./vpn_install
Cisco Systems VPN Client Version 4.8.02 (0030) Linux Installer
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.
By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.
Directory where binaries will be installed [/usr/local/bin]
Automatically start the VPN service at boot time [yes]
In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.
Directory containing linux kernel source code [/lib/modules/2.6.31-14-generic/build]
* Binaries will be installed in “/usr/local/bin”.
* Modules will be installed in “/lib/modules/2.6.31-14-generic/CiscoVPN”.
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from “/lib/modules/2.6.31-14-generic/build” will be used to build the module.
Is the above correct [y]
Making module
make -C /lib/modules/2.6.31-14-generic/build SUBDIRS=/home/anoop/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-14-generic’
scripts/Makefile.build:49: *** CFLAGS was changed in “/home/anoop/vpnclient/Makefile”. Fix it to use EXTRA_CFLAGS. Stop.
make[1]: *** [_module_/home/anoop/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-14-generic’
make: *** [default] Error 2
Failed to make module “cisco_ipsec.ko”.
anoop@anoop-desktop:~/vpnclient$ sudo gedit Makefile
anoop@anoop-desktop:~/vpnclient$ sudo ./vpn_install
Cisco Systems VPN Client Version 4.8.02 (0030) Linux Installer
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.
By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.
Directory where binaries will be installed [/usr/local/bin]
Automatically start the VPN service at boot time [yes]
In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.
Directory containing linux kernel source code [/lib/modules/2.6.31-14-generic/build]
* Binaries will be installed in “/usr/local/bin”.
* Modules will be installed in “/lib/modules/2.6.31-14-generic/CiscoVPN”.
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from “/lib/modules/2.6.31-14-generic/build” will be used to build the module.
Is the above correct [y]
Making module
make -C /lib/modules/2.6.31-14-generic/build SUBDIRS=/home/anoop/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.31-14-generic’
CC [M] /home/anoop/vpnclient/linuxcniapi.o
In file included from /home/anoop/vpnclient/Cniapi.h:15,
from /home/anoop/vpnclient/linuxcniapi.c:31:
/home/anoop/vpnclient/GenDefs.h:26:7: warning: “HAVE_INTTYPES_H” is not defined
In file included from /home/anoop/vpnclient/Cniapi.h:15,
from /home/anoop/vpnclient/linuxcniapi.c:31:
/home/anoop/vpnclient/GenDefs.h:89: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘uint64’
/home/anoop/vpnclient/GenDefs.h:132: error: redefinition of typedef ‘uint’
include/linux/types.h:96: note: previous declaration of ‘uint’ was here
/home/anoop/vpnclient/GenDefs.h:133: error: redefinition of typedef ‘ushort’
include/linux/types.h:95: note: previous declaration of ‘ushort’ was here
/home/anoop/vpnclient/GenDefs.h:134: error: redefinition of typedef ‘ulong’
include/linux/types.h:97: note: previous declaration of ‘ulong’ was here
/home/anoop/vpnclient/linuxcniapi.c: In function ‘CniInjectReceive’:
/home/anoop/vpnclient/linuxcniapi.c:341: warning: cast from pointer to integer of different size
/home/anoop/vpnclient/linuxcniapi.c:342: warning: cast from pointer to integer of different size
/home/anoop/vpnclient/linuxcniapi.c: In function ‘CniInjectSend’:
/home/anoop/vpnclient/linuxcniapi.c:481: warning: cast from pointer to integer of different size
/home/anoop/vpnclient/linuxcniapi.c:482: warning: cast from pointer to integer of different size
/home/anoop/vpnclient/linuxcniapi.c:491: warning: cast to pointer from integer of different size
/home/anoop/vpnclient/linuxcniapi.c:491: warning: cast from pointer to integer of different size
/home/anoop/vpnclient/linuxcniapi.c:416: warning: unused variable ‘pVABinding’
make[2]: *** [/home/anoop/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/home/anoop/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.31-14-generic’
make: *** [default] Error 2
Failed to make module “cisco_ipsec.ko”.
anoop@anoop-desktop:~
@anoop
Try
sudo apt-get install linux-headers-$(uname -r)and install again.
Didn the patch give an error?
Joep Cremers
Installation was successful, but i am getting this error while connecting…
anoop@anoop-desktop:~$ vpnclient connect OCCN-ADC-2
Cisco Systems VPN Client Version 4.8.02 (0030)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.31-19-server #56-Ubuntu SMP Thu Jan 28 03:40:48 UTC 2010 x86_64
Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection.
Contacting the gateway at 141.146.184.62
Contacting the gateway at 141.146.184.61
Secure VPN Connection terminated locally by the Client
Reason: Failed to establish a VPN connection.
There are no new notification messages at this time.
anoop@anoop-desktop:~$
TYVM! These directions got me connected on the first shot!
Of note, it may be easier to create a shell script to do the connection for you each time rather than trying to remember the name of the files. My script contains:
vpnclient connect user pwd &
I then created a menu shortcut to this so I can launch it quickly, along with a second script for disconnecting:
sudo pkill vpnclient
Hope that helps someone!
Regards,
Sean P. O. MacCath-Moran
http://www.emanaton.com
TYVM! These directions got me connected on the first shot!
Of note, it may be easier to create a shell script to do the connection for you each time rather than trying to remember the name of the files. My script contains:
vpnclient connect <filename> user <username> pwd <password> &
I then created a menu shortcut to this so I can launch it quickly, along with a second script for disconnecting:
sudo pkill vpnclient
Hope that helps someone!
Regards,
Sean P. O. MacCath-Moran
http://www.emanaton.com
Gracias, Muy bueno el paso a paso.
after instalation and try to connect, I have this error
fadli@fadli-laptop:/etc/opt/cisco-vpnclient$ sudo vpnclient connect sample.pcf
Cisco Systems VPN Client Version 4.8.01 (0640)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.31-21-generic #59-Ubuntu SMP Wed Mar 24 07:28:56 UTC 2010 i686
Config file directory: /etc/opt/cisco-vpnclient
The profile specified could not be read.
can you help me please??
Dear Joep -
Where do I find my .pcf file? How do I make a .pcf file if I don’t have one?
Thanks!
Martin
@fadli Make sure to not include the .pcf part. No extensions when issuing the command.
Example:
vpnclient connect sample
try that.
hi, after first instalation was great, but but now when I try to connect I have:
Starting /opt/cisco-vpnclient/bin/vpnclient: insmod: error inserting ‘/lib/modules/2.6.31-21-generic/CiscoVPN/cisco_ipsec.ko’: -1 Invalid module format
Failed (insmod)
could you help me?
hi,
I have seen the same problem as kb8. but this occured only after my kernal updated on 4-29-2010 to kernel version 2.6.31-21-generic. Is there something in the new kernel causing the error?
@kb8 and @daver1024
You are getting the error:
Starting /opt/cisco-vpnclient/bin/vpnclient: insmod: error inserting ‘/lib/modules/2.6.31-21-generic/CiscoVPN/cisco_ipsec.ko’: -1 Invalid module format
Failed (insmod)
Please check if there is a file “/lib/modules/2.6.31-21-generic/CiscoVPN/cisco_ipsec.ko”
When the kernel is updated, sometimes the directory isn’t created correctly. Try the following and look out it’s case sensitive:
cd /lib/modules/2.6.31-21-generic
sudo mkdir CiscoVPN
sudo cp /lib/modules/2.6.31-20-generic/CiscoVPN/cisco_ipsec.ko /lib/modules/2.6.31-21-generic/CiscoVPN/cisco_ipsec.ko
If it still doesn’t start, check if the CiscoVPN directory was created with the correct rights, like this:
/lib/modules/2.6.31-21-generic$ ls -la
drwxr-xr-x 2 root root 4096 2010-05-03 23:19 CiscoVPN
Try the complete installation again.
Hi Jeop,
Thanks a lot. I was afraid i have to use windows. Your patch just worked for me.
Sweeya
Cheers!
Worked for me.
[...] on July 12, 2010 I have been following installation process from very good technical blog: “Joep Cremers Weblog – Installing Cisco VPN Client On Ubuntu 9.10” and then from other very good blog [...]
Hey Joep!
Thanks alot for this…had a similar error message…the rest was a literal walk through for the install!
Thanks a ton!
Zee
Hey again Joep,
Just really quickly…
During installation I selected ‘NOT’ to ‘Automatically’ start the VPN client on boot…so does that mean that after a reboot I just have to start it up again by running the command:
‘sudo /etc/init.d/vpnclient_init start’
when I wanna start the client or what?
Sorry I am a new bee (to Linux i.e.)…so bear with me if my question sounds stupid!
Thanks again!
Zee
@Zee
Init scripts are the scripts located in /etc/init.d. These scripts are part of the bootup sequence of Ubuntu. During boot, they are not called directly, but through a structure of symbolic links which manage the services which are to be started in a particular runlevel. For more details see: https://help.ubuntu.com/community/UbuntuBootupHowto
I start with a script and first stop the client to disconnect all connections.
sudo /etc/init.d/vpnclient_init stop
sudo /etc/init.d/vpnclient_init start
sudo vpnclient connect
Thanks for the quick response…
So I will first stop the client and then start it again…right?…using the commands you just posted….
Just tried it after a boot and the VPN seems to be working so thanks (once again)!
Btw…if it isnt any trouble….could you nudge me in the direction of a site where I could learn more about the command based system of Linux?
Thanks for all the help!
Zee