# Cisco VPN client install

## oshman

Hello all,

I am trying to get on the VPN at my university using Cisco VPN client. The school provides a download of the necessary client software with the name "uhvpn_client_linux.tar.gz". (uh=University of Houston). The first thing I tried doing was placing this file in /usr/portage/distfiles and "emerging cisco-vpnclient-3des". Thats the cisco vpn client listed in portage. But no luck htere. Then I tried changing the name of the file to what portage was looking for - something like "vpn_client_linux_x86_64-4.6.03.0190-k9". Then I tried "emerging cisco-vpnclient-3des" and it started to unpack the file but stopped saying there was a mismatch in file sizes (the schoo provides release 3.7 and portage looks for 4.6). 

Then I tried using some of the directions from Cisco's website: (I extracted the tarball, and ran the install file)

```

romulus vpnclient # ./vpn_install

Cisco Systems VPN Client Version 3.7 (Rel) Linux Installer

Copyright (C) 1998-2001 Cisco Systems, Inc. All Rights Reserved.

By installing this product you agree that you have read the

license.txt file (The VPN Client license) and will comply with

its terms.

Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the

kernel headers for the version of the kernel you are running.

For RedHat 6.x users these files are installed in /usr/src/linux by default

For RedHat 7.x users these files are installed in /usr/src/linux-2.4 by default

For Suse 7.3 users these files are installed in /usr/src/linux-2.4.10.SuSE by default

Directory containing linux kernel source code [/lib/modules/2.6.12-gentoo-r8/build]

Directory containing runlevel directories (rcX.d):

```

My questions are - 

Is the install file I downloaded from the school of any use to me? ( uhvpn_client_linux.tar.gz)

If I can use this file can I install without portage, and where are my runlevel directories(rcX.d)?

Or better yet, If some has an easy solution to this problem please tell me.

Thanx.

----------

## kiksen

Hmm. If your are running a 2.6 kernel you need the newer version, so get it from portage.

I assume the package from your university is just an old version of the client, and a profile to allow you to log on. Grab the profile (it's a text file) and use it with the newer client and your'e good to go (I believe...)

/kiksen

----------

## oshman

When you try to emerge the vpn client from portage it say that you must download the client from Cisco's website - license issue. But after registering I found out that only Cisco resellers, partners, and certified engineers can download it for free. The rest of us have to cough up $30. Thanks for the help though.

Oshman

----------

## Ph0eniX

 *oshman wrote:*   

> When you try to emerge the vpn client from portage it say that you must download the client from Cisco's website - license issue. But after registering I found out that only Cisco resellers, partners, and certified engineers can download it for free. The rest of us have to cough up $30. Thanks for the help though.
> 
> Oshman

 

Get the latest version here:

http://lug.wsu.edu/files/vpnclient-linux-4.6.00.0045-k9.tar.gz

----------

## oshman

You da man Ph0eniX!!! Thanx a bunch. I'm good to go  :Very Happy: 

----------

## Meaulnes

I used to have the Cisco VPN client working on my Gentoo laptop. Unfortunately my laptop went through a transitional period during which it was re-installed several times. In any case, it ia back in my hands and running a new install of Gentoo. I am fairly certain that my kernel is built as it was before, but I cannot get the cisco vpnclient to install, either via portage or manually. I really need to get this thing working b4 someone at my compnay gets pissed and makes me install windows.

Before I start posting errors messages, I need to say that I have tried to get vpnc to work, but since our particular VPN server (CIsco PIX) is not configured to use user names, only a group name and group password, I have been thwarted in my attempts to use a true open source solution. If anyone knows of a way to make vpnc connect without a username & password (i.e. only a group name and group password), I would be more than glad to try it out.

So here are some errors:

```

>>> md5 src_uri ;-) vpnclient-linux-x86_64-4.6.03.0190-k9.tar.gz

>>> Unpacking source...

>>> Unpacking vpnclient-linux-x86_64-4.6.03.0190-k9.tar.gz to /var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work

>>> Source unpacked.

make -C /lib/modules/2.6.14-rc1/build SUBDIRS=/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient modules

make[1]: Entering directory `/usr/src/linux-2.6.14-rc1'

  CC [M]  /var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.o

/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.c: In function `CniInjectReceive':

/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.c:292: error: structure has no member named `stamp'

/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.c: In function `CniInjectSend':

/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.c:432: error: structure has no member named `stamp'

make[2]: *** [/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.o] Error 1

make[1]: *** [_module_/var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient] Error 2

make[1]: Leaving directory `/usr/src/linux-2.6.14-rc1'

make: *** [default] Error 2

!!! ERROR: net-misc/cisco-vpnclient-3des-4.6.03.0190 failed.

```

I get a similar error when I try to install it manually.  Here is an emerge --info for you perusal:

```

montana vpnclient # emerge --info

Portage 2.0.52-r1 (default-linux/x86/2005.1, gcc-3.3.6, glibc-2.3.5-r1, 2.6.14-rc1 i686)

=================================================================

System uname: 2.6.14-rc1 i686 Intel(R) Pentium(R) 4 Mobile CPU 1.80GHz

Gentoo Base System version 1.12.0_pre8

dev-lang/python:     2.3.5, 2.4.1-r1

sys-apps/sandbox:    1.2.13

sys-devel/autoconf:  2.13, 2.59-r7

sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6

sys-devel/binutils:  2.16.1

sys-devel/libtool:   1.5.20

virtual/os-headers:  2.6.11-r2

ACCEPT_KEYWORDS="x86 ~x86"

AUTOCLEAN="yes"

CBUILD="i686-pc-linux-gnu"

CFLAGS="-march=pentium4 -O3 -pipe"

CHOST="i686-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"

CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"

CXXFLAGS="-march=pentium4 -O3 -pipe"

DISTDIR="/usr/portage/distfiles"

FEATURES="autoconfig distlocks sandbox sfperms strict"

GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo"

PKGDIR="/usr/portage/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

SYNC="rsync://rsync.gentoo.org/gentoo-portage"

USE="x86 X alsa apm arts avi berkdb bitmap-fonts cdr crypt cups curl dvd eds emboss encode fam foomaticdb fortran gdbm gif gpm gstreamer gtk2 imap imlib ipv6 java jpeg kde libg++ libwww mad mikmod motif mp3 mpeg msn ncurses nls ogg oggvorbis opengl oss pam pcmcia pdflib perl png python qt quicktime readline sdl spell ssl svga tcpd tiff truetype truetype-fonts type1-fonts vorbis wifi wxwindows xine xml2 xmms xv xvid yahoo zlib userland_GNU kernel_linux elibc_glibc"

Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTDIR_OVERLAY

```

If anyone has any thoughts, please PLEASE share them.

----------

## Meaulnes

Well I still don't understand what was going on, but I got it fixed. Here is how

```

ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild unpack

nano -w /var/tmp/portage/cisco-vpnclient-3des-4.6.03.0190/work/vpnclient/linuxcniapi.c

comment out lines 292 & 432

ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild compile

ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild install

ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild qmerge

```

From here I was able to setup my pcf, start the vpn service, and connect to the VPN. So far so good.

So the last step to perform would be this:

```

ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild clean

```

----------

## mobileagent

 *Meaulnes wrote:*   

> Well I still don't understand what was going on, but I got it fixed. Here is how
> 
> ```
> 
> ebuild /usr/portage/net-misc/cisco-vpnclient-3des/cisco-vpnclient-3des-4.6.03.0190.ebuild unpack
> ...

 What are the two lines that you commented out? That is, what is the code itself? I'm having the exact same problem you had but with version 4.6.00.0045-r1, and the lines are different.  Line 432 in my version is an open curly brace for a switch![/b]

----------

## mobileagent

It occured to me that those two lines might JUST be the two lines referring to 'stamp', so I commented those out, and it seems ok.  Thanks!

----------

## mgmartin

I encountered the same thing.  The issue was from upgrading to kernel 2.6.14.  The latest kernel file skbuff.h changed struct sk_buff from 

```
struct timeval stamp;
```

 to 

```
struct skb_timeval tstamp;
```

Changing the references in linuxcniapi.c from stamp to tstamp also resolves the issue without commenting out the lines.

----------

## rapolder

thanks. 

great work!

----------

## rlittle

Thank you mobileagent and mgmartin!!! Same problem and I needed the answer fast to connect to work. I luv Gentoo!

Thanks again

Rich

----------

## iluminat23

great thanks

Yours sincerely,

philipp

----------

## TrainedChimp

 *mgmartin wrote:*   

> I encountered the same thing.  The issue was from upgrading to kernel 2.6.14.  The latest kernel file skbuff.h changed struct sk_buff from 
> 
> ```
> struct timeval stamp;
> ```
> ...

 

Worked for me, thank you.

----------

## JloR

GREAT, that really saved me some time.. hehe :)

And I am not sure cisco will like it that you put their software on the internet for public download ph0eniX..

----------

## mat_the_w

I found a page with the right file on it (vpnclient-linux-x86_64-4.6.03.0190-k9.tar.gz)

http://www.cs.uu.nl/technical/services/vpn/

----------

## opqdan

4.7.00.0640-k9 emerges fine and dandy, without having to change the stamp stucture (if I do change it, it'll fail).  But now I get:

```
drischar drischar # /etc/init.d/vpnclient start

 * Starting Cisco VPN Client ...

 * Failed to load module 'cisco_ipsec'                      [ !! ]

drischar drischar #
```

I do not have any idea how to go about solving this problem.  I am using 2.6.14-gentoo-r2.  Any ideas?  I can post my emerge info and kernel config if needed.

 *dmesg wrote:*   

> cisco_ipsec: version magic '2.6.14-gentoo-r2 preempt PENTIUM4 gcc-3.4' should be '2.6.14-gentoo-r2 preempt PENTIUM4 gcc-3.3'
> 
> 

 

I don't know if this has to do with it (I get the same message for my fglrx modules and they work fine).

EDIT: Okay, working off of that, I used gcc-config to set gcc to a 3.3 version, and re-emerged cisco-vpnclient-3des.  I have now set gcc back (so as not to break anything else).  I suppose this is not a wonderfull way to fix it, but it seems to work for now (although I have not tried to connect yet).

----------

