[opensuse] ssh through vpn in openSUSE 11.1
I would like to use ssh through vpn in openSUSE 11.1 I have installed cisco vpnclient "vpnclient-linux-x86_64-4.8.02.0030-k9" with no errors. When I run vpnclient it runs w/o errors, eg:
vpnclient connect target Cisco Systems VPN Client Version 4.8.01 (0640) Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Linux Running on: Linux 2.6.27.39-0.2-default #1 SMP 2009-11-23 12:57:38 +0100 i686 Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection. Contacting the gateway at xxx.x.xx.xx User Authentication for target... The server has requested the following information to complete the user authentication: Username [my-name]: Password []: Authenticating user. Negotiating security policies. Securing communication channel. Your VPN connection is secure. VPN tunnel information. Client address: xx.x.x.xx Server address: xxx.x.xx.xx Encryption: 256-bit AES Authentication: HMAC-SHA IP Compression: None NAT passthrough is inactive Local LAN Access is disabled According to this vpnclient is working. When I start ssh I don't get anything, ssh hangs:
ssh -vvv remote-computer OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to remote-computer [xx.xx.x.xx] port 22.
The program hangs at this point. But ssh works if vpnclient is not running. 1. How can I trace if vpnclient or ssh causes the problem? 2. How can I fix this? I can use ssh/vpnclinet combination in openSUSE 10.3, so the issue is not network related. Thanks, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 22/12/09 20:00, Istvan Gabor wrote:
ssh -vvv remote-computer OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to remote-computer [xx.xx.x.xx] port 22.
The program hangs at this point.
TCP connection termination goes wrong http://www.comptechdoc.org/independent/networking/terms/tcp-connection-termi...
But ssh works if vpnclient is not running. 1. How can I trace if vpnclient or ssh causes the problem?
It is most likely the VPN client, show us your routing table "ip route list" without withholding the real information it shows.
2. How can I fix this?
Hard to tell, crystal ball just sent me a TCP RST ;-P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
1. How can I trace if vpnclient or ssh causes the problem?
It is most likely the VPN client, show us your routing table "ip route list" without withholding the real information it shows.
Cristian, I sent to you the required info, to your reply address. Have you received it? Cheers, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2009-12-23 at 00:00 +0100, Istvan Gabor wrote:
The program hangs at this point. But ssh works if vpnclient is not running.
Are you saying you're trying to ssh to a machine which isn't inside the LAN you're VPN-ing into? It also sounds as though you have configured your VPN connection to handle all packets (i.e. your default route is across the IPsec connection). Are machines on that LAN able to connect to the machine you're trying to connect to? Can you access other machines on that LAN? Are you able to do anything network related at all while the vpnclient is running (browse web pages, for example)? Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
The program hangs at this point. But ssh works if vpnclient is not running.
Are you saying you're trying to ssh to a machine which isn't inside the LAN you're VPN-ing into? No. I meant when vpnclient is not running I can ssh to a computer which is not in the vpn network. When vpnclient is running I can not use regular network as it is disabled.
It also sounds as though you have configured your VPN connection to handle all packets (i.e. your default route is across the IPsec connection). I do not know, I have left everything as default. I did not configure vpnclient myself.
Are machines on that LAN able to connect to the machine you're trying to connect to? I have only this machine here, but from openSUSE 10.3 I can login to the machine in the vpn network.
Are you able to do anything network related at all while the vpnclient is running (browse web pages, for example)? I checked this in the meantime. I can not browse through the vpn network (though I can in oS 10.3). So it seems that the problem is with vpnclient/vpn-network.
Thanks, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Going back to the original post. On 12/22/2009 06:00 PM, Istvan Gabor pecked at the keyboard and wrote:
I would like to use ssh through vpn in openSUSE 11.1
I have installed cisco vpnclient "vpnclient-linux-x86_64-4.8.02.0030-k9" with no errors. When I run vpnclient it runs w/o errors, eg:
vpnclient connect target Cisco Systems VPN Client Version 4.8.01 (0640) Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Linux Running on: Linux 2.6.27.39-0.2-default #1 SMP 2009-11-23 12:57:38 +0100 i686 Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection. Contacting the gateway at xxx.x.xx.xx User Authentication for target...
The server has requested the following information to complete the user authentication:
Username [my-name]: Password []: Authenticating user. Negotiating security policies. Securing communication channel.
Your VPN connection is secure.
VPN tunnel information. Client address: xx.x.x.xx Server address: xxx.x.xx.xx Encryption: 256-bit AES Authentication: HMAC-SHA IP Compression: None NAT passthrough is inactive Local LAN Access is disabled
From this statement you will only be able to use the VPN network. *Anything* on your local network is unreachable. Is the machine you are trying to reach local or remote?
-- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I would like to use ssh through vpn in openSUSE 11.1
I have installed cisco vpnclient "vpnclient-linux-x86_64-4.8.02.0030-k9" with no errors. When I run vpnclient it runs w/o errors, eg:
vpnclient connect target Cisco Systems VPN Client Version 4.8.01 (0640) Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Linux Running on: Linux 2.6.27.39-0.2-default #1 SMP 2009-11-23 12:57:38 +0100 i686 Config file directory: /etc/opt/cisco-vpnclient
Initializing the VPN connection. Contacting the gateway at xxx.x.xx.xx User Authentication for target...
The server has requested the following information to complete the user authentication:
Username [my-name]: Password []: Authenticating user. Negotiating security policies. Securing communication channel.
Your VPN connection is secure.
VPN tunnel information. Client address: xx.x.x.xx Server address: xxx.x.xx.xx Encryption: 256-bit AES Authentication: HMAC-SHA IP Compression: None NAT passthrough is inactive Local LAN Access is disabled
According to this vpnclient is working.
When I start ssh I don't get anything, ssh hangs:
ssh -vvv remote-computer OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to remote-computer [xx.xx.x.xx] port 22.
The program hangs at this point.
Hello: I found that not only ssh does not work but I can not browse either, ie there is a problem with the VPN network. BUT: If I change network settings in YAST to use network manager (by selecting Network Setup Method -> User Controlled with MetworkManager) VPN network start working. If network is set to use "Traditional Method with ifup" VPN network is not working. So there must be some configuration issue with tarditional network setup. As vpnclient works in oS 10.3 but not in oS 11.1 I guess the problem is caused by the new netconfig utility as it was introduced in 11.1. Could anyone please help me trace what can be the problem? (Since I would prefer to use ifup.) Thank you, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Anders Johansson -
Cristian Rodríguez -
Istvan Gabor -
Ken Schneider - openSUSE