Cisco AnyConnect VPN Client on 64-Bit Ubuntu 10.04
I outlined much of this in a previous blog post, but since things are slightly different (or at least were for me) on Ubuntu 10.04, I figured I'd do a follow-up while it was fresh in my mind. Note that if you're on 32-bit Ubuntu AnyConnect works out of the box so you don't need to do any of these steps. The issue is that there is no native 64-bit AnyConnect client for Linux so you have to install some 32-bit libraries and point AnyConnect to some libraries from Firefox to get things working. The basic procedure remains the same as in my previous post, but I had to install some additional libraries and do things in a slightly different order this time around.
- Download the AnyConnect installer from your VPN server or get a copy from your VPN administrator. (Why these clients aren't freely available I have no idea. You can only connect to something that someone paid Cisco for, so I'm not sure why the clients can't just be out in the wild. If you Scroogle around you may find some download links here and there but of course use at your own risk if you don't get the client from an authorized source.)
- Do a chmod +x on the installer (which for me was called vpnsetup.sh) and then run the installer using sudo. This will throw a couple of errors but they can safely be ignored.
- Install ia32-libs and lib32nss-mdns
- sudo apt-get install ia32-libs lib32nss-mdns
- Download a fresh copy of Firefox, expand, and move to /usr/local
- I downloaded to my Downloads directory, expanded there, and did sudo cp -R firefox /usr/local
- Do a cd into /usr/local/firefox and create symlinks for the Firefox libraries in /opt/cisco/vpn/lib as follows:
- sudo ln -s libnss3.so /opt/cisco/vpn/lib/nss3.so
- sudo ln -s libplc4.so /opt/cisco/vpn/lib/libplc4.so
- sudo ln -s libnspr4.so /opt/cisco/vpn/lib/libnspr4.so
- sudo ln -s libsmime3.so /opt/cisco/vpn/lib/libsmime3.so
- sudo ln -s libsoftokn3.so /opt/cisco/vpn/lib/libsoftokn3.so
- sudo ln -s libnssdbm3.so /opt/cisco/vpn/lib/libnssdbm3.so
- sudo ln -s libfreebl3.so /opt/cisco/vpn/lib/libfreebl3.so
- sudo ln -s libnssutil3.so /opt/cisco/vpn/lib/libnssutil3.so
- sudo ln -s libplds4.so /opt/cisco/vpn/lib/libplds4.so
- sudo ln -s libsqlite3.so /opt/cisco/vpn/lib/libsqlite3.so
- Start the VPN daemon: sudo /etc/init.d/vpnagentd_init start (If it doesn't start without errors, double-check all your symlinks.)
- Launch AnyConnect. You should have a launcher under Applications -> Internet, but If not you can launch it from /opt/cisco/vpn/bin/vpnui using your normal user account (i.e. not using sudo).
Using UBUNTU 10.04
make -C /lib/modules/2.6.32-22-generic/build SUBDIRS=/home/anitha/Downloads/vpnclient modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.32-22-generic'
CC [M] /home/anitha/Downloads/vpnclient/linuxcniapi.o
CC [M] /home/anitha/Downloads/vpnclient/frag.o
CC [M] /home/anitha/Downloads/vpnclient/IPSecDrvOS_linux.o
CC [M] /home/anitha/Downloads/vpnclient/interceptor.o
/home/anitha/Downloads/vpnclient/interceptor.c: In function ‘interceptor_init’:
/home/anitha/Downloads/vpnclient/interceptor.c:132: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/anitha/Downloads/vpnclient/interceptor.c:133: error: ‘struct net_device’ has no member named ‘get_stats’
/home/anitha/Downloads/vpnclient/interceptor.c:134: error: ‘struct net_device’ has no member named ‘do_ioctl’
/home/anitha/Downloads/vpnclient/interceptor.c: In function ‘add_netdev’:
/home/anitha/Downloads/vpnclient/interceptor.c:271: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/anitha/Downloads/vpnclient/interceptor.c:272: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
/home/anitha/Downloads/vpnclient/interceptor.c: In function ‘remove_netdev’:
/home/anitha/Downloads/vpnclient/interceptor.c:294: error: ‘struct net_device’ has no member named ‘hard_start_xmit’
make[2]: *** [/home/anitha/Downloads/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/anitha/Downloads/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.32-22-generic'
make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".
Can you pls help
I'd strongly suggest using AnyConnect if you can. If you can't use AnyConnect, last time I compiled the client it worked fine but that's been ages ago, and one of the big reasons I quit using the regular client is because it tends to break every time the kernel gets any updates.
Sorry I don't have anything more concrete for you to go on.
If your VPN server isn't set up to let you log in via a web browser and download AnyConnect, you'll want to talk to your VPN server administrators to see if they can get you the installer. Once you have the installer you can follow the instructions in this post and you'll be in good shape.