Wir freuen uns, TalkING. nun in einer rundum erneuerten Form zu Verfügung stellen zu können. An einigen Stellen wird noch fleißig gearbeitet. Um die Ausfallzeit für euch jedoch so kurz wie möglich zu gestalten, fiel die Entscheidung, euch die Grundfunktionalität schon jetzt zu Verfügung zu stellen.

TUHH Wlan und ANDERER vpn client

Tummelplatz für Computernutzer im allgemeinen und ihrer vielfältigen Probleme

Moderator: (M) Mod.-Team Global

Antworten
bigbohne
TalkING. Freak
TalkING. Freak
Beiträge: 208
Registriert: Di, 11. Dez. 07, 08:18

TUHH Wlan und ANDERER vpn client

Beitrag von bigbohne » Do, 20. Mai. 10, 10:43

Hi folks,

hat jemand sich schonmal unter linux zum AnyConnect server der TU verbinden können?
Ich bekomms nicht hin.

zum beispiel mit openconnect:
http://www.infradead.org/openconnect.html

Mfg,
Bohne

bmarinov
TalkING. Newbie
TalkING. Newbie
Beiträge: 1
Registriert: Sa, 07. Mär. 15, 23:30

Beitrag von bmarinov » So, 08. Mär. 15, 00:22

Answer comes 5 years late, lol. Anyway, posting this in english so more people can benefit from the solution.

Its really really simple, today I got pissed (again) at the TUHH/RZ for this bullshit nonsense with the VPN (and lack of support for Linux). Dreamspark is non-existent, its no longer possible to obtain a Windows OS license at our TU. This isn't the case with other universities (eg Uni Hamburg) and I dont fully understand the reasons for this. But if you cant offer Windows, at least support a proper (non-hipster bs) free OS.
Cant compile the old Cisco VPN client and afaik AnyConnect wont run on a 64bit linux distro either. Hence Openconnect.

-------------------------------

Im running 64bit Mint 17 (Cinnamon).

Download the TUHH rootcert and profile from here:
(Cant post URL due to forum restrictions)
TUHH Rechenzentrum website > VPN Service > VPN Profile >
> vpn-profile-rootcert.TUHH-Hybrid.zip
(requires Web VPN login, use your credentials)

Extract the files somewhere. The ones we need are:
TUHH-VPN-rootcert.pem - the CA root certificate
TUHH-Hybrid.pcf - file with the configuration

----------------

# install openconnect
sudo apt-get install openconnect network-manager-openconnect

# if vpnc option is missing under Network Connections / Add / VPN:
sudo apt-get install network-manager-vpnc-gnome

Go to Network connections > Add connection. From the connection type dropdown navigate to VPN > "Cisco Compatible VPN (vpnc)". Hit Create.

On the window that appears there are 3 tabs (for me). The necessary values you can get from the config file (TUHH-Hybrid.pcf)

-VPN tab:
Gateway = casg.rz.tu-harburg.de
Host=casg.rz.tu-harburg.de (corresponding line in the config file)

User name = #your username e.g. abxy1225
User password = #your password

Group name = TUHH-Hybrid
GroupName=TUHH-Hybrid

Group password = TUHH-Hybrid
#(I guess its not a secret..)
GroupPwd=TUHH-Hybrid

Check "Use hybrid auth" checkbox!
CA File: Browse to the rootcert file and select it.
e.g. linux-install-TUHH-VPN-rootcert.sh


-Advanced tab:
#again, check the latest config file to make sure that there are no changes
Domain: leave empty
Vendor: Cisco(default)
Version: leave empty
Encryption Method: Secure (default)
NAT traversal: NAT-T when available
IKE DH Group: DH Group 5
Perfect Forward Secrecy: Server
Local port: 0

------------------------------------------
This should be similar for other Debian x64 distros.

Edit: Great, I can't post URL's even when they are to the RZ's website.
Edit 2: If for any reason the VPN fails to start on the next system boot, check if you haven't added the certificate file from a flash stick or something ( :oops: :oops: :oops: ). If the CA file is missing then that's the cause. Put it somewhere on your file system and add it again to the VPN connection.
Zuletzt geändert von bmarinov am Mo, 09. Mär. 15, 01:06, insgesamt 1-mal geändert.

bigbohne
TalkING. Freak
TalkING. Freak
Beiträge: 208
Registriert: Di, 11. Dez. 07, 08:18

Thank you

Beitrag von bigbohne » So, 08. Mär. 15, 10:03

No problem. Better late than never ...

Will not help me anymore ... but probably other students :)

Antworten