So, I installed Ubuntu 7.04 Feisty Fawn beta about 2 months ago. I installed it on my notebook and one of my workstations, both of which had Windows installed previously. I’m not dual booting on those machine, they’re 100% Ubuntu now.
After getting everything setup and running nicely, I realized I had no way of connecting to the Cisco PIX VPN we have at work. This is really important for me to be able to do, my job depends on it. I immediately went to Google and started searching. Turns out a nice fellow named Alexander Griesser has created a patch for the Cisco VPN client. The most recent CIsco VPN client for linux won’t compile with kernels 2.6.19 or newer. There’s really not much of a difference between his instructions and this how-to. However, I’m including more detailed instructions for those who may not be familiar with compiling software on Linux.
Here’s the steps I took to get the Cisco VPN Client to work under Unbutu 7.04 (Feisty Fawn). In all reality, this should work with any version of Ubuntu, not just 7.04. I used this same method to get the Cisco VPN Client working on Ubuntu 8.04. Note: A $ at the beginning of a line signifies a command to be run from the terminal.
- Download vpnclient-linux-4.8.00.0490-k9.tar.gz (mirror) to your home directory.
- Open a terminal window and untar the vpnclient with the following command:
$ tar xzf vpnclient-linux-4.8.00.0490-k9.tar.gz
This will create a new folder called vpnclient in your home directory. Leave the terminal window open, you’ll need it later.
- Download the patch (mirror) and save it to the vpnclient folder that was created in step 2.
- Go back to your terminal window and move into the vpnclient folder:
$ cd vpnclient/
- Now patch the Cisco VPN source with this command:
$ patch < vpnclient-linux-2.6.22.diff
- Next we actually build the Cisco VPN client, issue this command:
$ sudo ./vpn_install
Just hit enter for everything it asks you, the defaults are all OK. You may see lots of warnings, but those are OK.
- The VPN client is installed, now we need to start it:
$ sudo /etc/init.d/vpnclient_init start
- Place your .pcf configuration files in /etc/opt/cisco-vpnclient/Profiles/
- If your .pcf file is called myVPN.pcf, you’ll connect to the VPN with the following command:
$ sudo vpnclient connect myVPN
That’s it! You should now be able to connect to your Cisco VPN with the official Cisco VPN client on Linux. This will probably work on pretty much any linux setup, not just Ubuntu.
UPDATE (8/18/2007): Alexander Griesser released a new patch that works with kernel versions 2.6.22 and greater. The new patch is backwards compatible, so it also works with older kernels as well, such as 2.6.10 and 2.6.21. All the download links above point to the newest release of the patch. I’ll continue to update this how-to as he releases new patches.
UPDATE (10/04/2007): Cisco has finally released a new version of their vpn client for Linux. This new version compiles on all the new 2.6.xx kernels without the need for patching! You can download it from Alexander’s site or you can get it right here.
UPDATE (12/29/2007): Alexander Griesser has a new project page for his Cisco VPN client patches. It contains basic usage information and will most likely always have the latest and greatest patch available for download. In addition to that, Alexander has a new patch to make version 4.8.01.0640-k9 of the Cisco VPN Client compile on 64bit systems. Again, you can download the latest Cisco VPN Client for linux from the following link:
UPDATE (8/11/2011): Marius B commented and mentioned he has a post up on this same subject. It’s worth checking his post out. He basically suggests enabling the option to only use the VPN connection for resources on the network you’re connected to. See his post for more.