You can use VPN at the EUI for the following purposes:
As usual, the EUI uses a propietary solution for its VPN configuration, and instead of using OpenVPN, they use the VPN solution of the Cisco Company.
The installation of VPN is not really easy (I have to admit it). But: if you follow these instructions you will be successful. There are following steps:
You have to install the headers of the kernel (I will not explain what this is... it does not matter now for you, but if your are interested, look at here). It sounds difficult, but it's not. The steps are as follows
You need to know the version of your kernel. Open a console and type:
uname -r
you will get then version of your kernel (in my case: 2.6.20-16-386).
Now we install the headers of the kernel:
sudo apt-get install linux-headers-THENUMBERYOUGOT
maybe it is necessary to install other packages, but it happens automatically...
And now we install the programs needed for the compilation of others programs (don't care about what this means...). It's also very easy, but important.
sudo apt-get install build-essential
With the previous steps we have now the needed tools for installing the VPN-Client in our system. The following steps sound also very complicated, but... don't worry!
Download and unpack this file in a directory. Open a console, go to this directory by typyng
cd THENAMEOFTHEDIRECTORY
and type the following command:
make
This will compile the VPN-Client on your system.
Then we install the program by typing:
sudo ./vpn_install
Attention: you will be ask for your password.
You will get with 3 questions:
Directory where binaries will be installed [/usr/local/bin]
Answer: yes
Automatically start the VPN service at boot time [yes]
Answer: no (yes it also possible, but I do not recommend it)
Directory containing linux kernel source code []
in my case the answer is: /usr/src/linux-headers-2.6.20-16.
But: it could be different on your system (anyway it will be something like: /usr/src/linux-headers-YOURKERNELVERSIONNUMMER).
and then the compiling procedure will begin... and end succesfully...
The last step is to configure the access options for the VPN-Client. For this you have to download this file and you have to put it into the directory /etc/opt/cisco-vpnclient/Profiles and we also have to change the file's permissions and owner. This is done on the console like this:
sudo cp IEURadius.pcf /etc/opt/cisco-vpnclient/Profiles/ sudo chmod 644 /etc/opt/cisco-vpnclient/Profiles/IEURadius.pcf sudo chown root:root /etc/opt/cisco-vpnclient/Profiles/IEURadius.pcf
Now the VPN-Client is already installed on your system... but it is not running yet. There are now several possibilities. I put here the simplest one, and maybe not the most attractive for not power users. BUT: it is easy (really!).
You just have to download this script I made and put it in your home directory and then change the permissions to make it executable. Very easy: open a console and writechmod +x vpneuiNow you can start the client by typing:
./vpneuiYou will be asked for your password and then you will get something like that:
Cisco Systems VPN Client Version 4.8.00 (0490) Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Linux Running on: Linux 2.6.20-16-386 #2 Thu Jun 7 20:16:13 UTC 2007 i686 Config file directory: /etc/opt/cisco-vpnclient Initializing the VPN connection. Contacting the gateway at 192.167.90.3 User Authentication for IUERadius... Enter Username and Password. Username []: Password []:Here you put your username at the EUI in this form: iuedom\YOURUSERNAME. And then
Authenticating user. Negotiating security policies. Securing communication channel. YOU ARE IN RESEARCHER GROUP: WARNING! Unauthorized Access is Forbidden !!! Do you wish to continue? (y/n):of course: yes...
Your VPN connection is secure. VPN tunnel information. Client address: 192.168.12.109 Server address: 192.167.90.3 Encryption: 56-bit DES Authentication: HMAC-MD5 IP Compression: None NAT passthrough is active on port UDP 4500 Local LAN Access is disabled
If you're here: you are connected!! You can now download your email with thunderbird or kmail or evolution. And you can access the electronic journals of the institute from your browser. For all this there is nothing special to do! (as far as I understand the system, all your internet requests are sending over the VPN... but I'm not completely sure).
To stop the VPN (which is a good idea, if you don't use it...) is very easy. Go to the console where VPN is running and press CTRL+C. That's all.
The main informations are taken from http://popey.com/node/62. I only adapted them to our necessities.
The last version we are using of the CISCO driver is: Cisco Systems VPN Client Version 4.8.01 (0640).