CLI Home
Archive

Fedora Core 2/3/4 Cisco VPN Client
Open Source VPNC VPN Client

Bill Moss
January 27, 2006

Introduction

This note collects all my experiments with the Cisco VPN client in one article. For the most recent FC3 kernel updates, the VPN client has failed to compile. We deal here with these issues.

FC2 Release, Kernel 2.6.5-1.358

FC2 was released with kernel 2.6.5-1.358. The kernel source code was required to compile the VPN client.

  kernel-sourcecode-2.6.5-1.358.noarch

The VPN client versions prior to version 4.0.4.A were not compatible with 2.6 kernels. This includes the VPN client version supplied by Clemson University.

  download.clemson.edu
  vpnclient-linux-cu-3.7.2.Rel-k9.tar.gz

Along with FC2, kernel 2.6.5-1.358, I installed

  vpnclient-linux-4.0.4.A-k9.tar.gz

After unarchiving, I copied the profile Clemson.pcf from my vpnclient-3.7.2 installation directory to my vpnclient-4.0.4 installation directory, and then installed.

  # cd /root/vpnclient-4.0.4
  # make clean
  # ./vpn_uninstall

VPN client version 4.0.4.A worked with the FC2 kernel updates. The last FC2 update I did was

  kernel-2.6.8-1.521.i686
  kernel-sourcecode-2.6.8-1.521.noarch
  initscripts-7.77-1.i386.rpm
  mkinitrd-4.1.9-1.i386.rpm

FC3 Release, Kernel 2.6.9-1.667

Beginning with the release of FC3, it is no longer necessary to install kernel source before compiling kernel modules. VPN client version 4.6.00.0045-k9 was released in the summer of 2004 and as of this date is the latest version. The VPN client version 4.6.00.0045-k9 was installed along with the FC3 release after copying the profile Clemson.pcf to the installation directory.

  # cd /root/vpnclient-4.6
  # make clean
  # ./vpn_uninstall

VPN client version 4.6.00.0045-k9 compiled with all FC3 update kernels up to and including kernel-2.6.9-1.681.

FC3, Kernel 2.6.9-1.724

VPN client version 4.6.00.0045-k9 failed to compile complaining about the inline function supported_device in the file interceptor.c. There is a patch posted at

  http://www.fedoraforum.org/forum/showthread.php?t=30438

What this patch does is move the supported_device() function definition to just before the add_netdev() call.

FC3, Kernels 2.6.10-1.737, 2.6.10-1.741

VPN client version 4.6.00.0045-k9 failed to compile complaining about the function skb_checksum_help in the file interceptor.c. The change log for the 2.6.10 kernels shows that the definition of this function has been changed. The file interceptor.c was patched to reflect this change. With this second patch to interceptor.c, VPN client version 4.6.00.0045-k9 compiles for both kernel-2.6.9-1.724 and kernel-2.6.10-1.737/741. The twice patched interceptor.c is linked here.

FC4 Test 1 Kernel 2.6.11-1.1177

On March 21, 2005 Cisco released VPN client version 4.6.02.0030-k9. I compiled this version with gcc-4.0 under FC4 Test 1 kernel 2.6.11-1.1177. Download and install

 gcc-4.0.0-0.37
 gcc-c++-4.0.0-0.37
 libgcc-4.0.0-0.37
 gcc-java-4.0.0-0.37
 kernel-2.6.11-1.1177_FC4.rpm
 kernel-devel-2.6.11-1.1177_FC4.rpm

FC4 Kernel 2.6.14-1.1656_FC4

David Bowman (bowmand@clemson.edu) reports that he had problems compiling vpnclient-linux-4.7.00.0640-k9. David discovered a patch for vpnclient that resolves the compilation issue. See

 http://www.daimi.au.dk/~u981101/vpn_client_fc4/

The patch is for the 2.6.14-1.1637 kernel, but it also works here.

Gnome VPN Dialer

A GUI is now available for the Cisco VPN client. Download gvpndialer from Source Forge. Version 1.0 was released on May 5, 2005.

 https://sourceforge.net/projects/gvpn-dialer

Open Source VPNC

The open source VPN client vpnc-0.3.2 was downloaded, configured, and installed. This client works well with Clemson's Cisco 3000 VPN concentrator.