|
Posted by Otto J. Makela on April 27, 2007, 8:58 am
If you were Registered and logged in, you could reply and use other advanced thread options
I've been successfully using vpnclient-linux-x86_64-4.8.00.0490-k9
from Cisco on a Fedora Core 5 x86_64 computer, but
kernel-2.6.20-1.2312.fc5 no longer plays nicely with it.
It did work fine with 2.6.18-1.2257 from January.
Firstly, I had to install the patch from
http://www.tuxx-home.at/archives/2006/12/07/T09_36_48/
which makes it possible to compile the vpn package, albeit with a few
warnings. I end up with a module that the kernel accepts, but trying
to open the vpn connection always fails with the rather cryptic error
message "Failed to establish a VPN connection" without producing
anything else in the system logs.
Suggestions, anyone?
Compile log (newlines added and slightly edited down for clarity):
# tail -f /var/log/messages &
# uname -a
Linux tigger.otto.net 2.6.20-1.2312.fc5 #1 SMP Tue Apr 10 15:14:58 EDT 2007
x86_64 x86_64 x86_64 GNU/Linux
# cat /etc/redhat-release
Fedora Core release 5 (Bordeaux)
# tar xzf vpnclient-linux-x86_64-4.8.00.0490-k9.tar.gz
# cd vpnclient
vpnclient# patch < ../vpnclient-linux-2.6.19.diff
patching file IPSecDrvOS_linux.c
patching file frag.c
patching file interceptor.c
patching file linuxcniapi.c
vpnclient# ./vpn_install
Cisco Systems VPN Client Version 4.8.00 (0490) Linux Installer
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.
Directory where binaries will be installed [/usr/local/bin]
Automatically start the VPN service at boot time [yes]
In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.
Directory containing linux kernel source code
[/lib/modules/2.6.20-1.2312.fc5/build]
* Binaries will be installed in "/usr/local/bin".
* Modules will be installed in "/lib/modules/2.6.20-1.2312.fc5/CiscoVPN".
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from "/lib/modules/2.6.20-1.2312.fc5/build" will be used to
build the module.
Is the above correct [y]
Shutting down /opt/cisco-vpnclient/bin/vpnclient: Done
Stopped: /etc/init.d/vpnclient_init (VPN init script)
Making module
make -C /lib/modules/2.6.20-1.2312.fc5/build
SUBDIRS=/home/otto/Software/vpn/vpnclient modules
make[1]: Entering directory `/usr/src/kernels/2.6.20-1.2312.fc5-x86_64'
CC [M] /home/otto/Software/vpn/vpnclient/linuxcniapi.o
In file included from /home/otto/Software/vpn/vpnclient/Cniapi.h:15,
from /home/otto/Software/vpn/vpnclient/linuxcniapi.c:27:
/home/otto/Software/vpn/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
CC [M] /home/otto/Software/vpn/vpnclient/frag.o
In file included from /home/otto/Software/vpn/vpnclient/Cniapi.h:15,
from /home/otto/Software/vpn/vpnclient/frag.c:16:
/home/otto/Software/vpn/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
CC [M] /home/otto/Software/vpn/vpnclient/IPSecDrvOS_linux.o
In file included from /home/otto/Software/vpn/vpnclient/IPSecDrvOS_linux.c:20:
/home/otto/Software/vpn/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
CC [M] /home/otto/Software/vpn/vpnclient/interceptor.o
In file included from /home/otto/Software/vpn/vpnclient/Cniapi.h:15,
from /home/otto/Software/vpn/vpnclient/interceptor.c:30:
/home/otto/Software/vpn/vpnclient/GenDefs.h:110:2: warning: #warning 64 bit
/home/otto/Software/vpn/vpnclient/interceptor.c: In function 'handle_vpnup':
/home/otto/Software/vpn/vpnclient/interceptor.c:318: warning: assignment from
incompatible pointer type
/home/otto/Software/vpn/vpnclient/interceptor.c:342: warning: assignment from
incompatible pointer type
/home/otto/Software/vpn/vpnclient/interceptor.c:343: warning: assignment from
incompatible pointer type
/home/otto/Software/vpn/vpnclient/interceptor.c: In function 'do_cleanup':
/home/otto/Software/vpn/vpnclient/interceptor.c:386: warning: assignment from
incompatible pointer type
CC [M] /home/otto/Software/vpn/vpnclient/linuxkernelapi.o
/home/otto/Software/vpn/vpnclient/linuxkernelapi.c: In function 'kernel_alloc':
/home/otto/Software/vpn/vpnclient/linuxkernelapi.c:12: warning: format '%d'
expects type 'int', but argument 2 has type 'size_t'
LD [M] /home/otto/Software/vpn/vpnclient/cisco_ipsec.o
Building modules, stage 2.
MODPOST 1 modules
WARNING: /home/otto/Software/vpn/vpnclient/cisco_ipsec.o - Section mismatch:
reference to .init.text: from .data between 'interceptor_dev' (at offset 0xd0)
and 'interceptor_notifier'
WARNING: could not find /home/otto/Software/vpn/vpnclient/.libdriver64.so.cmd
for /home/otto/Software/vpn/vpnclient/libdriver64.so
CC /home/otto/Software/vpn/vpnclient/cisco_ipsec.mod.o
LD [M] /home/otto/Software/vpn/vpnclient/cisco_ipsec.ko
make[1]: Leaving directory `/usr/src/kernels/2.6.20-1.2312.fc5-x86_64'
Copying module to directory "/lib/modules/2.6.20-1.2312.fc5/CiscoVPN".
Already have group 'bin'
Creating start/stop script "/etc/init.d/vpnclient_init".
/etc/init.d/vpnclient_init
Enabling start/stop script for run level 3,4 and 5.
Installing license.txt (VPN Client license) in "/opt/cisco-vpnclient/":
Installing bundled user profiles in "/etc/opt/cisco-vpnclient/Profiles/":
* Replaced Profiles: sample
Copying binaries to directory "/opt/cisco-vpnclient/bin".
Adding symlinks to "/usr/local/bin".
/opt/cisco-vpnclient/bin/vpnclient
/opt/cisco-vpnclient/bin/cisco_cert_mgr
/opt/cisco-vpnclient/bin/ipseclog
Copying setuid binaries to directory "/opt/cisco-vpnclient/bin".
/opt/cisco-vpnclient/bin/cvpnd
Copying libraries to directory "/opt/cisco-vpnclient/lib".
/opt/cisco-vpnclient/lib/libvpnapi.so
Copying header files to directory "/opt/cisco-vpnclient/include".
/opt/cisco-vpnclient/include/vpnapi.h
Setting permissions.
/opt/cisco-vpnclient/bin/cvpnd (setuid root)
/opt/cisco-vpnclient (group bin readable)
/etc/opt/cisco-vpnclient (permissions not changed)
* You may wish to change these permissions to restrict access to root.
* You must run "/etc/init.d/vpnclient_init start" before using the client.
* This script will be run AUTOMATICALLY every time you reboot your computer.
vpnclient# /etc/init.d/vpnclient_init start
Starting /opt/cisco-vpnclient/bin/vpnclient: Done
Apr 27 15:34:26 tigger kernel: Cisco Systems VPN Client Version 4.8.00 (0490)
kernel module loaded
vpnclient# /usr/local/bin/vpnclient connect Su4TSF
Cisco Systems VPN Client Version 4.8.00 (0490)
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux 2.6.20-1.2312.fc5 #1 SMP Tue Apr 10 15:14:58 EDT 2007 x86_64
Config file directory: /etc/opt/cisco-vpnclient
Enter Certificate password:
Initializing the VPN connection.
Secure VPN Connection terminated locally by the Client
Reason: Failed to establish a VPN connection.
There are no new notification messages at this time.
Followup-to: comp.os.linux.networking
--
/* Phone: +358 40 765 5772, FAX: +358 42 7655772, ICBM: 60N 25E */
/* Mail: Mechelininkatu 26 B 27, FI-00100 Helsinki, FINLAND */
/* * * Computers Rule 01001111 01001011 * * * * * * * * * * * * */
|
| Similar Threads | Posted | | Cisco vpnclient 4.8.00 on x86_64 FC5: Failed to establish a VPN connection | April 27, 2007, 9:17 am |
| Cisco VPN Client 5.0.00.0340 Will not establish a connection. | April 7, 2008, 4:56 pm |
| Cannot establish more than 1 VPN connection | April 6, 2006, 5:09 am |
| vpn problems to win2k server error "Error 800: Unable to establish connection " | September 14, 2005, 12:46 pm |
| Cisco VPN Client Error (CVPND/0xE3400003 Function CreateFile failed | May 19, 2006, 6:18 pm |
| supplied user name and password in the *.pcf file, but the vpnclient wants me to enter user name and password manually | September 5, 2006, 3:05 pm |
| Cisco 3030 doesn't work after 21st connection | August 10, 2005, 2:27 pm |
| Can establish IPSec Tunnel but no traffic through it | March 9, 2006, 5:52 pm |
| cisco vpn connection to vpn concentrator 3000 not passing web traffic | August 21, 2006, 11:44 pm |
| cisco vpn client seems to collide with windows internet connection sharing. | March 30, 2007, 2:41 am |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map