Unfortunately Ubuntu is not supported by the vendor, and I
don't have the resources to put much in on this problem.
On Tue, Sep 02, 2008 at 11:47:08AM -0400, Kramer, Jack wrote:
> So the "Users" realm definitely works. However, the VPN client
> itself seems to be creating a non-routable tunnel which it then
> proceeds to monitor - attempts to ping the tunnel or IPs in the
> MSU range fail with an inability to transmit over the tunnel.
> It also monitors the tunnel, so my attempts to change it fail
> immediately - it detects a change and then forcibly closes the
> VPN application.
I'm not sure what a "non-routable tunnel" means, other than
"it doesn't pass traffic." Jack, can you show us a routing
table?
The tunnel monitoring is a configuration setting which is set
on vpn.msu.edu for all clients connecting to the server.
So that behavior (closing the tunnel after modification)
is expected. (The thinking is, how does one know the intent
of whatever entity modified the tunnel?)
> The word on the Ubuntu forums is that there's a newer version
> of the VPN client available - 6.2, apparently - but it appears
> to be only available as a download to patch the server side.
> Does anyone know of a way to get hands on the linux executables
> for it? (We're running 6.0.something right now.)
I think I could get a 6.2 Linux client in a couple of days
-- I'd have to load the 6.2 package onto our test SSL VPN
hardware and then extract the Linux client package from there
-- but I'm not sure it would do you much good. My understanding
is that the client and server versions need to be synched, which
is why all the Windows users are forced through a client upgrade
any time we upgrade the server code.
I know someone who was poking at this for some Linux distribution;
I'll show this to him and see if he has any suggestions.
But again, we're in "unsupported" territory here.
-- Ken Josenhans
Network Management
Academic Technology Services
Michigan State University
[log in to unmask]
517-432-2935
