I keep an XP-Pro machine at home, specifically to connect to my workstations at the office, so I can "remote desktop" to them and work at home from time to time. I'd _really_ like to be able to retask that machine to a more useful (Linux) purpose. I already know that the KDE4 rdp client works great within my own domain at home, so I investigated the KDE client for setting up a VPN connection, KVpnc. On the XP machine, of course, all I've ever needed to do is provide the IP address of our VPN portal, and it's just worked. When I tried using KVpnc, it attempts to connect, but after a short timeout, I'm told that the modem on the other end has disconnected. I know that I'm providing the appropriate domain name, IP address, user name and password, but there are other possible settings, and using all the defaults hasn't worked for me so far. Has anyone here successfully connected to a corporate NT domain using KVpnc? Other than providing the correct authentication info, did you need to change any of the other settings away from the defaults? Any help with this will be appreciated! I'd just ask our IT folks about it, but being a Windows shop, they may know little about Linux, and may even harbor unrealistic fears about connecting to the domain using a "nonstandard" machine. Better if I can just make it work, and it never becomes an issue. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, January 21, 2008 5:34 am, Jerry Houston wrote:
Has anyone here successfully connected to a corporate NT domain using KVpnc? Other than providing the correct authentication info, did you need to change any of the other settings away from the defaults?
In the two different vpn networks I've tried to connect, I've had no success with anything other than the native (and command-line) vpn client. In both cases, I was/am connecting to a cisco vpn and seem to only be able to use the cisco vpn client. Kvpnc didn't - for some reason - want to pull in my .pcf file or run my profile. Keep in mind, I have a RSA SecureID card which changes my password every 60 seconds. I cannot store my password in the client, therefore. What's your Wintendo VPN client? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
PerfectReign wrote:
What's your Wintendo VPN client?
Thanks for your reply. On the XP machine, it's part of the OS, rather than a separate utility. In the Network Connections dialog, it's just one of the options for creating a new connection. You select the radio button marked "Connect to the network at my workplace," and the wizard creates a desktop VPN shortcut that makes connecting and disconnecting easy. As I said, it "just works." There are no decisions to make, other than portal address and authentication. That's why I was surprised that so many options are available in KVpnc, and that the default settings there appear to be either insufficient or incorrect. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon January 21 2008 07:03:10 Jerry Houston wrote:
PerfectReign wrote:
What's your Wintendo VPN client?
Thanks for your reply.
On the XP machine, it's part of the OS, rather than a separate utility. In the Network Connections dialog, it's just one of the options for creating a new connection. You select the radio button marked "Connect to the network at my workplace," and the wizard creates a desktop VPN shortcut that makes connecting and disconnecting easy.
As I said, it "just works." There are no decisions to make, other than portal address and authentication. That's why I was surprised that so many options are available in KVpnc, and that the default settings there appear to be either insufficient or incorrect.
I think KNetworkManager is being more actively developed than KVPN, but it still needs to offer more options to allow me to use it to connect to my university. You could add your vote to this call for enhancement: https://bugzilla.novell.com/show_bug.cgi?id=332691 I ended up creating a toggle-script for the connection, which you can see here (along with the thread where we discussed the issue): http://lists.opensuse.org/opensuse/2007-11/msg01237.html -- Carlos FL "It is not worth an intelligent man's time to be in the majority. By definition, there are already enough people to do that." - G. H. Hardy -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
client. In both cases, I was/am connecting to a cisco vpn and seem to only be able to use the cisco vpn client. Kvpnc didn't - for some reason - want to pull in my .pcf file or run my profile.
Keep in mind, I have a RSA SecureID card which changes my password every 60 seconds. I cannot store my password in the client, therefore.
I am in the same situation... VPN to the remote server, and using an RSA SecureID card. I could never get the Kvpnc to work. I didn't spend a lot of time with it though after I discovered I could pull up a terminal and use "vpnc" to connect. I have been using that method ever since. Works fine. I even changed that over to a VMware instance of openSUSE so I could limit the traffic on the VPN to just work related stuff on the guest, and still have my regular traffic (streaming radio, torrents etc) running on the host via my ISP (instead of through the VPN tunnel to my employer). C. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 2008-01-21 at 15:41 +0100, Clayton wrote:
client. In both cases, I was/am connecting to a cisco vpn and seem to only be able to use the cisco vpn client. Kvpnc didn't - for some reason - want to pull in my .pcf file or run my profile.
Keep in mind, I have a RSA SecureID card which changes my password every 60 seconds. I cannot store my password in the client, therefore.
I am in the same situation... VPN to the remote server, and using an RSA SecureID card. I could never get the Kvpnc to work.
Perhaps completely beside the point, but perhaps you could try strongswan for making your vpn. It has built in support for smartcards (in contrast to other vpn-software), and is available on the download server. hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 January 2008 11:10:55 am Hans Witvliet wrote:
On Mon, 2008-01-21 at 15:41 +0100, Clayton wrote:
client. In both cases, I was/am connecting to a cisco vpn and seem to only be able to use the cisco vpn client. Kvpnc didn't - for some reason - want to pull in my .pcf file or run my profile.
Keep in mind, I have a RSA SecureID card which changes my password every 60 seconds. I cannot store my password in the client, therefore.
I am in the same situation... VPN to the remote server, and using an RSA SecureID card. I could never get the Kvpnc to work.
Perhaps completely beside the point, but perhaps you could try strongswan for making your vpn. It has built in support for smartcards (in contrast to other vpn-software), and is available on the download server.
I just installed strongswan from here: http://software.opensuse.org/search?p=1&q=strongswan However, I can't seem to make it work. I looked for an icon and don't see one. Resorting to the CLI, I get nothing there either. Ideas? jabba:/home/kai/Desktop # rpm -i strongswan-4.1.10.5-1.1.i586.rpm package strongswan-4.1.10.5-1.1 is already installed jabba:/home/kai/Desktop # strongswan bash: strongswan: command not found jabba:/home/kai/Desktop # -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 21 January 2008 11:55:10 pm Kai Ponte wrote: ...
I just installed strongswan from here: http://software.opensuse.org/search?p=1&q=strongswan
However, I can't seem to make it work. I looked for an icon and don't see one. Resorting to the CLI, I get nothing there either.
Ideas?
jabba:/home/kai/Desktop # rpm -i strongswan-4.1.10.5-1.1.i586.rpm package strongswan-4.1.10.5-1.1 is already installed jabba:/home/kai/Desktop # strongswan bash: strongswan: command not found jabba:/home/kai/Desktop #
How about 'ipsec' ? From 'ipsec' script: # name and version of the ipsec implementation IPSEC_NAME="strongSwan" -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 2008-01-21 at 21:55 -0800, Kai Ponte wrote:
On Monday 21 January 2008 11:10:55 am Hans Witvliet wrote:
On Mon, 2008-01-21 at 15:41 +0100, Clayton wrote:
client. In both cases, I was/am connecting to a cisco vpn and seem to only be able to use the cisco vpn client. Kvpnc didn't - for some reason - want to pull in my .pcf file or run my profile.
Keep in mind, I have a RSA SecureID card which changes my password every 60 seconds. I cannot store my password in the client, therefore.
I am in the same situation... VPN to the remote server, and using an RSA SecureID card. I could never get the Kvpnc to work.
Perhaps completely beside the point, but perhaps you could try strongswan for making your vpn. It has built in support for smartcards (in contrast to other vpn-software), and is available on the download server.
I just installed strongswan from here: http://software.opensuse.org/search?p=1&q=strongswan
However, I can't seem to make it work. I looked for an icon and don't see one. Resorting to the CLI, I get nothing there either.
Ideas?
jabba:/home/kai/Desktop # rpm -i strongswan-4.1.10.5-1.1.i586.rpm package strongswan-4.1.10.5-1.1 is already installed jabba:/home/kai/Desktop # strongswan bash: strongswan: command not found jabba:/home/kai/Desktop #
I'm kinda wondering if it put the executable outside of roots path. I know you can view where an rpm puts files using YaST's software module, and I'm thinking that rpm might have a switch that does basically the same thing. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 22 January 2008 04:57:57 am Mike McMullin wrote:
On Mon, 2008-01-21 at 21:55 -0800, Kai Ponte wrote: ...
Perhaps completely beside the point, but perhaps you could try strongswan for making your vpn. It has built in support for smartcards (in contrast to other vpn-software), and is available on the download server.
I just installed strongswan from here: http://software.opensuse.org/search?p=1&q=strongswan
However, I can't seem to make it work. I looked for an icon and don't see one. Resorting to the CLI, I get nothing there either.
Ideas?
jabba:/home/kai/Desktop # rpm -i strongswan-4.1.10.5-1.1.i586.rpm package strongswan-4.1.10.5-1.1 is already installed jabba:/home/kai/Desktop # strongswan bash: strongswan: command not found jabba:/home/kai/Desktop #
I'm kinda wondering if it put the executable outside of roots path. I know you can view where an rpm puts files using YaST's software module, and I'm thinking that rpm might have a switch that does basically the same thing.
If you have installed the 'rpm' and 'mc' packages you can browse any rpm file as described in: http://en.opensuse.org/Midnight_Commander/Tips section 'RPM browsing'. The rpm alone provides that ability too, though I had to browse manual to find all options that I need. That is the reason for me to use 'mc'. Instead of browsing manual or remembering a number of switches for all that 'mc' presents I have to remember to highlight a file and press Enter. Inside the rpm highlight CONTENTS.cpio and again press Enter. The 'mc' will extract files in /tmp directory and present them as a browsable tree. To see what is in the file, for instance, /usr/sbin/ipsec highlight the file and press F3, which will invoke viewer and that is how I know that 'ipsec' is the script. Holding Shift key highlight with mouse text that you want to copy, go to mail program place cursor where you want to copy highlighted, press middle button on mouse and text is copied, as in my another mail. BTW, have you seen my other mail? Are you use threading? Evolution should be able to do that. My answer to Kai is hanging in 2 hours before your reply. This is only to show files using rpm: rpm --qery --list --package ./strongswan-4.1.10.5-1.22.i586.rpm It will show list of files where /usr/sbin/ipsec is the only binary. The 'rcipsec' is the symlink to 'ipsec'. Though I can't find what option to add to above line, to see symlinks marked as such. -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 22 January 2008 09:15:05 am Rajko M. wrote:
This is only to show files using rpm: rpm --qery --list --package ./strongswan-4.1.10.5-1.22.i586.rpm
It will show list of files where /usr/sbin/ipsec is the only binary. The 'rcipsec' is the symlink to 'ipsec'. Though I can't find what option to add to above line, to see symlinks marked as such.
Yeah, apparently it has something to do with ipsec. I'll stick with the cisco vpn client. I can't get anywhere with the strongwan documentation. Too complicated. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2008-01-22 at 11:15 -0600, Rajko M. wrote:
On Tuesday 22 January 2008 04:57:57 am Mike McMullin wrote:
On Mon, 2008-01-21 at 21:55 -0800, Kai Ponte wrote: ...
Perhaps completely beside the point, but perhaps you could try strongswan for making your vpn. It has built in support for smartcards (in contrast to other vpn-software), and is available on the download server.
I just installed strongswan from here: http://software.opensuse.org/search?p=1&q=strongswan
However, I can't seem to make it work. I looked for an icon and don't see one. Resorting to the CLI, I get nothing there either.
Ideas?
jabba:/home/kai/Desktop # rpm -i strongswan-4.1.10.5-1.1.i586.rpm package strongswan-4.1.10.5-1.1 is already installed jabba:/home/kai/Desktop # strongswan bash: strongswan: command not found jabba:/home/kai/Desktop #
I'm kinda wondering if it put the executable outside of roots path. I know you can view where an rpm puts files using YaST's software module, and I'm thinking that rpm might have a switch that does basically the same thing.
If you have installed the 'rpm' and 'mc' packages you can browse any rpm file as described in: http://en.opensuse.org/Midnight_Commander/Tips section 'RPM browsing'.
The rpm alone provides that ability too, though I had to browse manual to find all options that I need. That is the reason for me to use 'mc'. Instead of browsing manual or remembering a number of switches for all that 'mc' presents I have to remember to highlight a file and press Enter.
Or use your mouse and double click on the file. I have mc installed but really don't do much with it, though I know there are those on list who are quite proficient with it.
Inside the rpm highlight CONTENTS.cpio and again press Enter. The 'mc' will extract files in /tmp directory and present them as a browsable tree.
To see what is in the file, for instance, /usr/sbin/ipsec highlight the file and press F3, which will invoke viewer and that is how I know that 'ipsec' is the script.
Holding Shift key highlight with mouse text that you want to copy, go to mail program place cursor where you want to copy highlighted, press middle button on mouse and text is copied, as in my another mail.
BTW, have you seen my other mail?
Not at that the time of answering Kai.
Are you use threading?
I wasn't, but I did turn it on just now. I'll see how that goes.
Evolution should be able to do that. My answer to Kai is hanging in 2 hours before your reply.
This is only to show files using rpm: rpm --qery --list --package ./strongswan-4.1.10.5-1.22.i586.rpm
It will show list of files where /usr/sbin/ipsec is the only binary. The 'rcipsec' is the symlink to 'ipsec'. Though I can't find what option to add to above line, to see symlinks marked as such.
-- Regards, Rajko
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 22 January 2008 06:50:44 pm Mike McMullin wrote:
Or use your mouse and double click on the file.
Sure.
I have mc installed but really don't do much with it, though I know there are those on list who are quite proficient with it.
It is very usefull even if you are not proficient with it. Few tips in http://en.opensuse.org/Midnight_Commander/Tips is what is used very often. Most of the time I use function keys that are at the bottom of the screen. What I don't understand why 'Lynx like motion' is not enabled by default. .....
BTW, have you seen my other mail?
Not at that the time of answering Kai.
Are you use threading?
I wasn't, but I did turn it on just now. I'll see how that goes.
When I found threading, I was able finally to get who is answering to whom. For few private emails it is not needed, but on mail lists and in usenet is really necessary. -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, January 23, 2008 12:22 am, Rajko M. wrote:
On Tuesday 22 January 2008 06:50:44 pm Mike McMullin wrote:
 Or use your mouse and double click on the file. Â
Sure.
 I have mc installed but really don't do much with it, though I know there are those on list who are quite proficient with it.
It is very usefull even if you are not proficient with it.
I use it whenever I'm in the cli and actually need to do something like edit a file, having refused to learn Vi or EMACS. :P
.....
BTW, have you seen my other mail?
 Not at that the time of answering Kai.
 Are you use threading?
 I wasn't, but I did turn it on just now.  I'll see how that goes.
When I found threading, I was able finally to get who is answering to whom. For few private emails it is not needed, but on mail lists and in usenet is really necessary.
LOL! Trying to prove me wrong? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
PerfectReign pecked at the keyboard and wrote:
On Wed, January 23, 2008 12:22 am, Rajko M. wrote:
On Tuesday 22 January 2008 06:50:44 pm Mike McMullin wrote:
 Or use your mouse and double click on the file.  Sure.
 I have mc installed but really don't do much with it, though I know there are those on list who are quite proficient with it. It is very usefull even if you are not proficient with it.
I use it whenever I'm in the cli and actually need to do something like edit a file, having refused to learn Vi or EMACS. :P
.....
BTW, have you seen my other mail? Â Not at that the time of answering Kai.
 Are you use threading?  I wasn't, but I did turn it on just now.  I'll see how that goes. When I found threading, I was able finally to get who is answering to whom. For few private emails it is not needed, but on mail lists and in usenet is really necessary.
LOL!
Trying to prove me wrong?
Threading not only allows you to see who is answering whom but also if a post has an answer already. That way you know whether or not to post a reply. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, January 23, 2008 7:24 am, Ken Schneider wrote:
For few private emails it is not needed, but on mail lists and in usenet is really necessary.
LOL!
Trying to prove me wrong?
Threading not only allows you to see who is answering whom but also if a post has an answer already. That way you know whether or not to post a reply.
Doesn't do me any good. I delete all non-read emails every time I check my mail. Therefore a thread would not exist in my mailer even if I had it allowed. I do the same in usenet - I sort by date and only load new messages in the view. Of course, this just goes to underscore the importance of proper post style (bottom) and trimming. :) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 23 January 2008 09:43, PerfectReign wrote:
Doesn't do me any good. I delete all non-read emails every time I check my mail.
Doesn't that get boring after a while? 8-) -- Don -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 23 January 2008 11:45:51 am Don Raboud wrote:
On Wednesday 23 January 2008 09:43, PerfectReign wrote:
Doesn't do me any good. I delete all non-read emails every time I check my mail.
Doesn't that get boring after a while? 8-)
Sure. Since I use threading I have no need to delete all mails as before, and I can see more interesting stuff about answers, than I would be able without. For instance, I'm able to notice who does not use it ;-) -- Regards, Rajko -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
PerfectReign wrote:
On Wed, January 23, 2008 7:24 am, Ken Schneider wrote:
For few private emails it is not needed, but on mail lists and in usenet is really necessary. LOL!
Trying to prove me wrong?
Threading not only allows you to see who is answering whom but also if a post has an answer already. That way you know whether or not to post a reply.
Doesn't do me any good. I delete all non-read emails every time I check my mail.
Sounds like a self-inflicted, personal problem. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jerry Houston wrote:
I keep an XP-Pro machine at home, specifically to connect to my workstations at the office, so I can "remote desktop" to them and work at home from time to time. I'd _really_ like to be able to retask that machine to a more useful (Linux) purpose. I already know that the KDE4 rdp client works great within my own domain at home, so I investigated the KDE client for setting up a VPN connection, KVpnc.
I was issued an windoze laptop by my employer as well, but it came with a 40 GB disk - far too much for the scant use I make of it. So I partitioned it and made it a dual boot machine: at one time it was w2k and fedora, currently it's triple boot: expee, SLED 10SP1, OS 10.3. Much as I like Opensuse, I have to admit that on the laptop SLED is just really smooth - it even makes using gnome bearable.
On the XP machine, of course, all I've ever needed to do is provide the IP address of our VPN portal, and it's just worked. When I tried using KVpnc, it attempts to connect, but after a short timeout, I'm told that the modem on the other end has disconnected. I know that I'm providing the appropriate domain name, IP address, user name and password, but there are other possible settings, and using all the defaults hasn't worked for me so far.
I never had any luck with kvpnc, it never did anything but crash for me. However, the cisco vpn client works perfectly, so I can connect with that, as long as I have my SecureID Token with me. We use a cisco vpn concentrator, so not sure if this applies for you. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (12)
-
Aaron Kulkis
-
Carlos F. Lange
-
Clayton
-
Don Raboud
-
Hans Witvliet
-
Jerry Houston
-
Joe Sloan
-
Kai Ponte
-
Ken Schneider
-
Mike McMullin
-
PerfectReign
-
Rajko M.