Fermi National Laboratory

Installing and Using a VPN on Linux at Fermilab

Contents: Signup | Installation | Configuration | Starting

For more information about what a VPN is and Fermilab's policy on it's VPN please go to our VPN web page.

Signup

  1. Go to the following site, to request a VPN account

    2. Information Required:
    NOTE: Remember to check the agreement statement at the bottom of the Account Request Form

  2. You will receive information back via email with a link to download your client file and profile.
  3. Follow e-mail link to web page, doing the strange picture test, then put in the name and password sent to you in the mail.
  4. Download the software and config file from the web page. We are going to assume that they are in /tmp/
  5. Read the documentation page if you want to know more about what VPN's are.
  6. Then wait 2 hours, so that the web signup goes through
    (no seriously, you have to wait two hours as of this writting)
  7. Then call the helpdesk and get your password setup. You password has to be either 8 or 9 characters. Your username is firstname.lastname

Return to top

Installation

NOTE: You need to do this as root.

  1. untar the software
    • cd /tmp/
    • tar xvfz vpnclient-linux-4.0.1.A-k9.tar.gz
  2. cd into the directory that was made when you untarred.
    • cd vpnclient
  3. copy the config file into the directory with you.
    • cp ../cd_vpn.pcf .
  4. make sure you have compilers and your kernel source
    • yum install gcc
    • yum install kernel-source
  5. run the vpn compile and install program
    • sh ./vpn_install

    NOTE: I answered all the questions with the default answer except the one that asked if I wanted it to start when my machine started, which I said no.
    NOTE: it makes a directory /etc/CiscoSystemsVPNClient under which has your profiles and other config settings.

Return to top

Configuration

If you copied the config file into the directory that you were compiling into, your configuration should already be set. But it is a good idea to check and make sure.

  1. Do the check
    • ls /etc/CiscoSystemsVPNClient/Profiles/cd_vpn.pcf
    If it says
    "ls: /etc/CiscoSystemsVPNClient/Profiles/cd_vpn.pcf: No such file or directory"
    do the following
    • cp /tmp/cd_vpn.pcf /etc/CiscoSystemsVPNClient/Profiles/cd_vpn.pcf

Return to top

Starting the VPN

NOTE: You need to do this as root.

  1. load in the vpn kernel module
    • /etc/init.d/vpnclient_init start
  2. actually start the vpm
    NOTE: don't do this in a window you plan on using unless you are going to put it in the background. If that is the case, put a & at the end of the command.
    • cd /root/
    • vpnclient connect cd_vpn
    you will be asked for your user name and password.
  3. It has been found that on some RedHat 9 based systems, with the proper combination of 'compat' libraries, that the recompiled vpnclient will not work. If that is the case copy the vpnclient from the tar file over to replace the recompiled vpnclient.
    • cp /tmp/vpnclient/vpnclient /usr/local/bin/vpnclient

Return to top

Page created by:dawson@fnal.gov.
Information compiled and maintained by CSI Group ; last modified on 08/27/2003.
(Address comments about page to csi-help@fnal.gov)
Security, Privacy, Legal Fermi National Accelerator Laboratory