// VPN KIT (former Uni Karlsruhe): use it with Ubuntu Linux

Connecting to university VPNs is always… fun. This is also true for the KIT VPN, especially because there is so much outdated information out there. E.g. there is no more Cisco compatible endpoint1) but tons of vpnc tutorials! You have to use the Juniper Networks software jnc now.

Installation

However… it worked after all. The IT guys were friendly enough to put helpful information at the online help. :-) But to make it even easier, here are a my hints to get the KIT University Karlsruhe VPN connection running:

  1. Make sure you got a working Java RE. I used sun-java6-jre, therefore I don't know if it runs with OpenJDK.
  2. If you are running a 64bit Ubuntu,2) you need some 32bit wrapper libraries for jnc:
    sudo apt-get install libc6-i386 lib32z1 lib32nss-mdns
  3. Open a terminal, download and untar the jnc archive the KIT VPN help provides for Linux:
    cd ~
    wget https://www.scc.kit.edu/scc/sw/juniper/7.0/linux_vpn_7.0.tar.gz
  4. Extract the archive and remove it afterwards:
    tar -xzf linux_vpn_7.0.tar.gz
    rm linux_vpn_7.0.tar.gz
  5. There should be a juniper_linux directory within your home dir now. Change into it and run the included vpn-install.sh script:
    cd ~/juniper_linux
    ./vpn-install.sh

    Simply follow the instructions (e.g. you have to enter your RZ username).

  6. Make sure jnc is executable:
    sudo chmod a+xr /usr/local/bin/jnc
  7. You can remove the temporary juniper_linux directory now:
    rm -rf ~/juniper_linux

    That's it.

Usage

To establish the connection, open a terminal and type jnc -n kit. The program should start and prompt you for your account's password. Example output:

user@computer:~$ jnc -n kit
Server certificate verified and CN is vpn.kit.edu. Saving in /home/user/.juniper_networks/network_connect/config/vpn.kit.edu.der.
Password: 
Connecting to vpn.kit.edu : 443.
Waiting for ncsvc for 3 seconds... done
ncsvc is running, but tunnel is not established yet. Waiting for 3 seconds... done.
ncsvc is running in background (PID: 2448):
tunnel interface tun0, addr: 141.3.193.37

You can use jnc stop to close the VPN connection. Example output:

user@computer:~$ jnc stop
ncsvc is running, sending signal... terminated.
user@computer:~$

2011-10-25: Updated the installation instructions, there is a new VPN software version (7.0).

1)
This means the Cisco compatible vpnc does not work!
2)
You can check this by opening a terminal: If uname -m prints out x86_64, you are running a 64bit Ubuntu

Comments

peter
No. 1 @ 2011/04/19 19:30

nice tut :) can you tell me how I can run jnc in ubuntu 64-bit (maverick)? I get the error message “Execution of NC.jar/ncsvc failed.” and I found out, that ncsvc needs to be sudo-ed… :-/

Andreas
No. 2 @ 2011/05/08 02:32

Dear Andreas!

Thanks a lot for that easy guide! Getting the KIT-vpn work made me almost crazy - until I found your blog… well done!

@ Peter: I got it working under Maverick 64 Bit - did you check that your NC.jar file is executable?

swuska
No. 3 @ 2011/10/25 12:27

jnc is working in manual mode. but if i try to start it via ifupdown/guessnet/ifplugd on my 32-bit laptop, i get an error: /usr/local/bin/jnc -l 5 -n -c /root/.juniper_networks/network_connect/config kit Server certificate verified and CN is vpn.kit.edu. Saving in /root/.juniper_networks/network_connect/config/vpn.kit.edu.der. Connecting to vpn.kit.edu : 443. Execution of NC.jar/ncsvc failed. Failed to bring up unbekannt.

ncsvc is not started at all, there is no update of ncsvc.log at least. the rights are set as shown below: -rw——- 1 root root 50629 2011-07-08 12:33 NC.jar -rws–s–x 1 root root 1225424 2011-07-08 12:33 ncsvc

Someone knowing what's wrong?

Thanks, swuska

No. 4 @ 2011/10/25 12:51

@swuska: Sorry, I don't have access to the KIT VPN anymore (so I can't try what may goes wrong at your system). But since 2011-09-19, there is a new VPN software version (News, Download). I updated the installation instructions. Hope that helps.

swuska
No. 5 @ 2011/10/25 15:07

Thanks for your reply, but I already use the new version and like I mentioned, the manual invocation of jnc works well. Only if jnc is startet via ifupdown, the error occurs. The responsible entry in /etc/network/interfaces :

iface unbekannt inet dhcp

      post-up /usr/local/bin/jnc -l 5 -n -c /root/.juniper_networks/network_connect/config kit
      pre-down /usr/local/bin/jnc stop

swuska

No. 6 @ 2011/10/25 15:33

@swuska: Just a shoot in the dark: Does /root/.juniper_networks/network_connect/config really exist? As far as I can see, the installation script creates the .juniper_networks directory within the homedir of the calling user, not in root's home. Therefore, you may try to replace the /root/.juniper_networks/ with /home/<your username>/.juniper_networks/

swuska
No. 7 @ 2011/10/25 22:04

I installed as root, so my setting was correct. But I installed as user too for testing, with same error in result. “ifup eth0” as user is not possible (not enough rights), nevertheless i don't think it would lead to a solution of the problem.

I assume, the invocation of jnc/ncsvc via ifupdown is responsible, but i don't know how to get more details, cause i already set ifup and jnc to verbose mode.

swuska

chirag
No. 8 @ 2012/01/06 12:05

hey man..thanks a million..I have been trying to read through the German webpage and get my laptop running from home but with no success….ur webpage worked wonders in minutes and solved my problem…!..cheers..live long and prosper… !..

Physiker Robert
No. 9 @ 2013/09/01 11:52

On 64-bit Fedora I installed glibc.i686 libgcc.i686 libSM.i686 libXi.i686 zlib.i686 and it worked. Java was no problem for me.

Leave a comment…




  • E-Mail address will not be published.
  • Formatting:
    //italic//  __underlined__
    **bold**  ''preformatted''
  • Links:
    [[http://example.com]]
    [[http://example.com|Link Text]]
  • Quotation:
    > This is a quote. Don't forget the space in front of the text: "> "
  • Code:
    <code>This is unspecific source code</code>
    <code [lang]>This is specifc [lang] code</code>
    <code php><?php echo 'example'; ?></code>
    Available: html, css, javascript, bash, cpp, …
  • Lists:
    Indent your text by two spaces and use a * for
    each unordered list item or a - for ordered ones.
I'm no native speaker (English)
Please let me know if you find any errors (I want to improve my English skills). Thank you!
QR Code: URL of current page
QR Code: URL of current page 2010:10:06:vpn-uni-karlsruhe-kit-ubuntu-linux (generated for current page)