Is there really a Cisco VPN client for Linux? _Really?_

Hello folks,
        I've finally after almost experiencing a brain aneurysm by trying to think too hard got my Cisco 881-SEC-K9 router properly configured for a multipoint IPSec VPN tunnel to my Amazon Virtual Private Cloud, so that hurdle is finally passed and I actually feel it was a very important milestone in my life somehow. I never thought I'd see the day I actually got my hands on a legitimate Cisco non-stink... erm.. I mean, non-linksys router. Now I just can't seem to find a 'client' VPN program for Linux. I'm currently running a Xen Hypervisor environment on openSUSE Linux because it's the only Linux distribution that completes all of my strenous requirements in a Linux server environment. It's also the most mature, and secure Linux on this planet, making it the most appreciable Linux distribution for my research needs. Using NetworkManager is not really an option for a basic Linux server environment, and OpenVPN is just too confusing to comprehend for my tiny little head. I've heard mention of some mysterious "Easy VPN" but after hours of digging online can't find any information about it, even the Cisco download link leads to a Page Not Found error. I do see a Linux VPN API for the AnyConnect program, but is that an actual VPN client, or just an API? It seems to want my money to download it but I don't have any money nor do I really know what it is because it's all secretive-like, closed source, and I can't even find a simple README file on it explaining what it is exactly. I'm just an out-of-work software developer trying to connect to my home router for personal use and I can't really afford to fork over a million and a half dollars for a single program that I'm only going to need to download once in my lifetime that should have been included with the router in the first place. I more than likely won't even be able to figure out how to use the program anyways because I don't know anything about VPN connections which is why I bought this router so I can try to figure it all out as part of the not-for-profit open source, volunteer research I'm presently trying to conduct. Is there some kind of evaluation or trial period for personal use? That would be really nice so I could at least figure out if I'm going to be able to figure it out or not. I hate throwing money away when it's in such short supply these days. There's really no alternative to a Cisco router. It's an absolute necessity for the things I'm trying to accomplish, so trying to settle for something else and going on with my life is not really an option. No, this is something I just need to face head on and get it over with.
<Rant>
       Maybe I have a little too much crazy in me for my own good, but I don't see why it should take so much money just to learn how to do something for personal reference, it's not really a skill I would ever use otherwise. Wouldn't it be great if Cisco made their VPN client open source and free to the public to use and modify, to improve on, to learn and to grow and bring the whole world closer together as a community? Even the source code to the old discontinued Cisco VPN client could be used as a valuable learning tool for some poor starving college student or Open Source Software developer somewhere trying to get by on Ramen Noodles and Ramen Noodle Sauce on Toast (don't tell me you never thought about it). Through the ripple effect, It would drastically improve sales over the course of time, because it would open the door to a whole new market where those who previously could not afford to participate now could. That's the true power of Open Source. It creates a more skilled work force for the future by openly contributing and sharing knowledge together. What if the next big internet technology and the solution to world tyranny - the solution to end all wars forever - were locked in the mind of an unemployed software developer who couldn't afford to upgrade their cisco router software or access the software they needed because it was closed source and required committing to an expensive service contract to download? That would be just terrible, wouldn't it? I guess there's no way to ever know for sure. I suppose I'd be just as happy if some kind soul out there could point me to an easy to use alternative to an always on VPN connection that runs in the background which doesn't require NetworkManager or having to spend days upon days digging through and trying to comprehend either some really poor or extremely complex documentation? I apologize for all the run on sentences posed as questions, but I've just got some serious mental burnout from all of this, being unemployed is some hard work folks. I could really use a vacation. Perhaps a camping trip to the coast is in order after I get this working, that sounds nice, doesn't it? Nothing like a good summer thunder storm on the ocean beach - far away from technology - to refresh the mind.
</Rant>

I do tend to talk too much and I don't mince any words either. What I am however, is really appreciative for the help. I know you hear that all the time, but you have no idea how much time and headache you just saved me. I think vpnc might be just what I've been looking for, unless someone can think of a client for Linux that I might be able to throw a little further. I'm very security minded now, after the backlash of Blackhat 2013, there's no telling which direction the internet might head next. Oh, you didn't hear? Well wether they realize it or not, DARPA basically declared war with other government agencies by releasing their own version of a spy program for civilians to use against the whoever -- possibly even the governmnet itself. They even went so far as to suggest it's private usage to blanket entire cities in information gathering. Civilians are a powerful foe, as they are not bound by the oath of office, any evidence they obtain is admissible in court, wether they know that or not. There's a very important reason for that. It's to prevent another civil war from ever happening, we shed enough blood the first time around less people forgot. It's something that can and will be avoided because our civilization has advanced beyond the need for bloodshed. The courts have to obey the majority rule, no matter what. For the first time in history, cyberwarfare can reach into the physical world to cause serious damage to physical structures like the nuclear facility incident in Iran. There's scarry bills trying to sneak through congress that are changing the landscape of technology forever for the entire world. We're at a pivotal point now where things can happen. It will be interesting to see how it all plays out over the next decade or so. No matter which way you look at it, just be preparerd to sell a whole lot of routers.

Similar Messages

Is there an Oracle VPN client for Linux (64-bit) ?

Does anyone know if there is an Oracle VPN client for Linux (64-bit) ?
Where to get it ?
How to install it ?
thanks!
Greg

Perhaps OpenVPN will work for you. Unfortunately you did not provide any OS information and VPN requirements.
You can find help to install and setup OpenVPN in Google. You might want to check the Fedora EPEL repository http://fedoraproject.org/wiki/EPEL to install the software using standard yum in Enterprise Linux.

Cisco Jabber Client for Linux

Are there any plans to have a Cisco Jabber client on linux?

Mike,
The larger body of use case and development for Jabber has centered on Windows and mobile iOS and Android devices. That's not to say that there isn't a contingency of customers that want a Linux client but, as of today, there is no "Jabber" client for that platform. However, I've heard this question asked in a few different forums and the answer thus far has typically been one or both of the following:
1) There is a Jabber SDK, which could potentially be used to custom develop an application.
2) Use 3rd-party XMPP client (e.g. Pidgin)
As for an official answer on "will there be in the future" with a yes/no/maybe and/or a possible timeframe, you would need to reach out to Cisco or your trusted partner as roadmap items cannot be discussed without having a non-disclosure agreement in place. That's what Jamie is getting at in his response.
D. Hailey
NetCraftsmen, LLC.

Is there a viable Microsoft Exchange client for linux

I can't find anything simple to use that does not require changing the server ( which I can't ...)

I used Evolution a couple of years ago and I didn't find it too buggy. It wasn't perfect, but overall it worked quite well. Exchange webmail must be enabled for Evolution to work.
Right now I use Thunderbird with IMAP and it's been working perfectly. I have a Blackberry so I can accept appointments and use the Blackberry calendar. Lack of calendar is the major drawback of using IMAP. If webmail is enabled you can use the web interface for calendar stuff.

Certificate authentication for Cisco VPN client

I am trying to configure the cisco VPN client for certificate authentication on my ASA 5512-X. I have it setup currently for group authentication with shared pass. This works fine. But in order for you to pass pci compliance you cannot allow aggresive mode for ikev1. the only way to disable aggresive mode (and use main mode) is to use certificate authentication for the vpn client. I know that some one out there must being doing this already. I am goign round and round with this. I am missing some thing.
I have tried as I might and all I can get are some cryptic error messages from the client and nothing on the firewall. IE failed to genterate signature, invalid remote signature id. I have tried using different signatures (one built on ASA and bought from Godaddy, and one built from Windows CA, and one self signed).
Can some one provide the instructions on seting this up (asdm or cli). Can this even be done? I would love to just use the AnyConnect client but I believe you need licensing for that since our system states only 2 allowed. Thank you for your help.

Dear Doug ,
          What is asa code your are running on ASA hardware , for cisco anyconnect you need have Code 8.0 on your hardware with cisco anyconnect essential license enabled .Paste your me show version i will help you whether you need to procure license for your hardware . By default your hardware will be shipped with any connect essential license when you have order your hardware with asa code above 8.0 .
With Any connect essential you are allowed to use upto total VPN peers allowed based on your hardware
1) What is the AnyConnect Essentials License?
The Anyconnect Essentials is a license that allows you to connect up to your 'Total VPN Peers" platform limit with AnyConnect. Without an AnyConnect Essentials license, you are limited to the 'SSLVPN Peers' limit on your device. With the Anyconnect Essentials License, you can only use Anyconnect for SSL - other features such as CSD (Cisco Secure Desktop) and using the SSLVPN portal page for anything other than launching AnyConnect are restricted.
You can see your limits for the various licensing by issuing the 'show version' command on your ASA.
Licensed features for this platform:
Maximum Physical Interfaces    : Unlimited
Maximum VLANs                  : 150
Inside Hosts                   : Unlimited
Failover                       : Active/Active
VPN-DES                        : Enabled
VPN-3DES-AES                   : Enabled
Security Contexts              : 2
GTP/GPRS                       : Disabled
SSL VPN Peers                  : 2
Total VPN Peers                : 750
Shared License                 : Disabled
AnyConnect for Mobile          : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials          : Disabled
Advanced Endpoint Assessment   : Disabled
UC Phone Proxy Sessions        : 2
Total UC Proxy Sessions        : 2
Botnet Traffic Filter          : Disabled
Licensed features for this platform:
Maximum Physical Interfaces    : Unlimited
Maximum VLANs                  : 150
Inside Hosts                   : Unlimited
Failover                       : Active/Active
VPN-DES                        : Enabled
VPN-3DES-AES                   : Enabled
Security Contexts              : 2
GTP/GPRS                       : Disabled
SSL VPN Peers                  : 2
Total VPN Peers                : 750
Shared License                 : Disabled
AnyConnect for Mobile          : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials          : Enabled
Advanced Endpoint Assessment   : Disabled
UC Phone Proxy Sessions        : 2
Total UC Proxy Sessions        : 2
Botnet Traffic Filter          : Disabled
Any connect VPN Configuration .
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808efbd2.shtml

Cisco VPN client and mac mail

Hi all,
I wonder if someone can be more helpful than my uni IT department who take a minimum of a week to get you an IP address...
My new uni uses Cisco VPN client for connection to the Wi-Fi network. It all works great apart from one (very annoying problem):-my e-mail accounts in mac mail don't seem to be able to connect via the VPN. I have had both an IMAP and a POP server e-mail account work automatically wherever I connect in the world for over a year now-so its not the way I've set up the accounts.
Is there any way to get mac mail to "see" the VPN connection. If I have to physically plug-in my mac this seems a tad ridiculous when it works in every coffee shop with free wi-fi.
My uni are not helpful as they want people to use either outlook or better still log-on to their e-mail using the web. I don't even want to use their e-mail-what is the point when I move jobs again in a year. What I do currently is use an IMAP account from my last job which I've set to forward to my "e-mail for life" from my undergrad uni. I basically only give out my life e-mail address and this also goes on all my papers.
If I can't access this easily and sort all my mail in all the folders I've created to filter out things like facebook etc. I'm wondering what the point of mac mail is.

Yeah, that stuff normally works for me. Unfortunately this is a situation where you have to use an external Cisco VPN client software, whether you like it or not. Its this horrible clunky thing (which at least half works I guess). So its only like normal wi-fi in terms of selecting the network, then you have to open up this application and put in your log-in etc. Most of the settings on this client seem locked, so there isn't much I can do to configure it.
I've just got to my (temporary) accommodation which doesn't have wi-fi or VPN (just ethernet) and my mail is working again-so it must be the VPN. Goodness knows how it works with an iPod touch (interested in getting one but kind of pointless if I spend most of my time at work and it doesn't work...)
Thanks for your suggestions though!

Cisco VPN Client and Quick VPN interaction?

I have both a Cisco VPN client for connecting to my company LAN and a QuickVPN client for connecting to my home LAN installed on my W2K laptop. Both start and run correctly, and both connect just as they should. My home LAN uses a WRV54G router to provide VPN connection. I can alternate back and forth between the two clients and connect to each LAN with no obvious issues, but not at the same time, of course.
Here's the question. When I connect to the home LAN, I can log on with no problem and I can remotely administer the WRV54G with no problem. I can ping all of the wired and wireless W2K computers on my home LAN with no problem. However, I cannot "see", browse or map any of the shared resources on my home LAN. I have created user accounts on the home LAN computers for my laptop and router logins and I have given these accounts permissions to my shared resources, but I still cannot get to them. Linksys tech support has been absolutely no help whatsoever, even after repeated attempts.
While trying to troubleshoot this myself, I've noticed that when the Cisco VPN client is running and I'm connected to my company LAN, the IP address and subnet of my computer is changed to ones assigned by the DHCP server at my company. This seems to happen because the Cisco client activates the "Local Area Connection Number 2" on my laptop and assigns IP addresses using it. However, when I'm using the QuickVPN client to connect to my home, the IP address and subnet of my laptop continues to be those assigned by whatever local network I'm connected to (e.g. hotel, etc).
I'm wondering if the QuickVPN is supposed to be assigning an IP address and subnet to my laptop from the WRV54G's DHCP server when I connect to my home LAN. If so, could the Cisco VPN client installed on my laptop be preventing that from happening?
Sorry for the long post, but I'm at my wit's end on this one and Linksys is just no help at all.

1. The Cisco VPN client creates a virtual interface on your computer. This allows you to route traffic to the tunnel. The QuickVPN client is simpler. It only encrypts the traffic to the other end. It does not use a virtual interface. That's why you don't have another IP address when connected with QuickVPN. QuickVPN only encrypts IP packets with IPSec from your computer to 192.168.1.* (or whatever you may use on your WRV LAN) and sends them to the WRV's public IP address.
2. Microsoft Windows file sharing and LAN network browsing depends on network broadcasts. Those only work inside a LAN. If you connect from the outside to a LAN, broadcasts won't go through the VPN tunnel. This means you cannot use standard name windows workgroup name resolution to access shares. Those are propagated with broadcasts which will never go through the VPN tunnel. This means you are not able to use workgroup browsing. All you can to do access your shares is to use the IP address of the other computer.
In short:
\\mycomputer\share won't work
\\192.168.1.50\share works
(assuming the general sharing setup is O.K., i.e. you can use sharing correctly inside your LAN).
Of course, firewalls on the server end may cause problems. Access comes in from a public IP address. This may be blocked. Check the firewall logs on the server to find out if this is the case or not.
Moreover, establishing the VPN connection from a private LAN to a private LAN may not work. This is due to the double network address translation which breaks IPSec and thus the connection. If the hotel uses private IP addresses, this may be the case. But in that case you won't get ping responses from your WRV LAN.
What definitively won't work is in case when the hotel uses the same IP address subnet as you. If the hotel uses 192.168.1.* addresses and your WRV uses 192.168.1.* addresses you cannot connect. QuickVPN does only IPSec tunneling. There is no address translation in QuickVPN. Therefore connecting the identical private IP address subnet through QuickVPN will never work because all addresses exists twice, once on either side.

X86 cisco vpn client

Is there a Cisco vpn client for Solaris x86 ? I cannot find one on their website. How are Sun employees connecting to the Sun vpn if running Solarix 10 x86 on a desltop ?
TIA
Brian

Brian,
The Cisco vpn client is available internally from the iWork site.
Don't know if it is readily available externally.
Karl

ASA500: migrate from Cisco VPN Client to native Windows VPN connection

We have a need at this time for only one of our computers to allow 2 Windows users to connect to our network thru VPN (it's a work share situation, they will not both be logged on the same day). We happily use the old Cisco VPN client for everyone else. But the old client will not install twice on the same machine, nor is there the option to "install for any user".
Thinking to KISS and not invest at this point, trying to get Windows native VPN to work ?
What combination of settings will work in its properties->security tab to do the same IKE IPsec over UDP(NAT) and with group auth along with the individual's login?
... (so no reconfiguration is needed in the ASA?)
Or are one of the other "type of VPN" will need minimal change on the ASA ?

Thank you.
I found this: http://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/l2tp_ips.html#wp1041306
Will this have any effect on the rest of the users?
Step 1 Specify IPSec to use transport mode rather than tunnel mode with the mode keyword of the crypto ipsec transform-set command:
hostname(config)# crypto ipsec transform-set trans_name mode transport

Will the old Cisco VPN Client (version Windows - 5.0.07.0440) work on a 5510

I plan to upgrade our Cisco ASA 5510 from 8.2 to 8.3. However I have 20-30remote users running the older Cisco VPN Client that connect remotely to the ASA (version Windows - 5.0.07.0440 - not Anyconnect).
My question is will the upgrade to 8.3 still allow the users to use the same Cisco VPN client or will I need to upgrade each workstation to the newer Cisco AnyConnect?
I appreciate any help that can be provided.

You can do that with no problem. Even the new 9.x ASA software is compatible with the old Cisco VPN client for IPSec remote access VPN.
That client software might not work very well with newer client operating systems like Windows 8 but the ASA end will continue to allow them to connect.

Linksys VPN client for MAC

I can't find any information on it. Anyone know where I can download the client for it?

hi...there is no linksys vpn client for the MAC OS

Is there a 64-bit version of the VPN Client for Vista coming?

Is there a 64-bit version of the VPN Client for Vista coming for the VPN 3000 series concentrators?

February 18, 2010
Due to popular demand, the Cisco VPN Client v5.0.7 open beta is now available!
In addition to serving as a general maintenance release, the Cisco VPN Client 5.0.7 beta is compatible with Windows 7 & Windows Vista 64-bit environments.
A 64-bit specific compatible image is available for installation on these platforms.
Please have communicate feedback (both positive and problems) to [email protected]
Key Capabilities available for Beta Testing:
New Platform support – Windows 7 & Windows Vista 64-bit platform compatibility
Software Access: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=281940730 (under 5.BETA)
Software is available for download by any customer with a Cisco.com SMARTnet™ enabled login.
Release Notes will be available next week via a link once the download image is selected.

Resources for migration from legacy Cisco VPN client to AnyConnect?

As the legacy client is now officially EOL'd, and it is having issues with Windows 7 - the need has presented itself to migrate to AnyConnect.
The complicating issue here is that many of the machines that need to be migrated connect remotely and never touch a corporate LAN - as such - I need to devise a means to remotely and seamlessly (as much as possible) migrate from old to new. Sounds a bit like changing the wings on a flying plane, but I'm guessing others have had to face the same issue. By procrastinating this migration - my hope is that your blood spilled will be mine saved? (Just kidding. Sorta).
Any tips, input, suggestion, procedures, FAQs, good luck wishes, etc. greatly appreciated.
Cheers,
JP

Hi Andy
Anyconnect licensing is a little complicated, but 99% of the time you only need the "Essentials" AnyConnect license for your ASAs. This gives you everything that you have using the old Cisco VPN Client.
Essentials is licensed per ASA, and not per user like the other ASA AnyConnect licenses.
AnyConnect Premium gives you all that Essentials give you plus "clientless" VPN (Web portal type stuff).
Configuration wize - it's pretty simple and similar to how you configure the old VPN support. There's a wizard to assist you in configuring it if you like that kind of thing.
HTH
Barry Hesk
Intrinsic Network Solutions

Cisco VPN Client Driver for Atom Processor Tablet

I recently bought a Dell Venue 8 Pro and installed Cisco VPN Client (5.0.05.0290). I get the Error message "Reason 440: Driver Failure"
This is perhaps this is because the client driver is not compatible with the Atom processor of the Venue 8 Pro. I have serched Dell for a driver but found none.
Any ideas?
Thanks,
H

Hi,
According to your description, I think it is compatibility problem.
I suggest you use the vpn in the windows 7 compatibility mode.
Making older programs compatible with this version of Windows:
http://windows.microsoft.com/en-GB/windows-8/older-programs-compatible-version-windows
If it doesn't work, I suggest you use the method as the following thread mentioned:
http://social.technet.microsoft.com/Forums/windows/en-US/ad556ff3-8d33-453e-8b16-71e36e23e2c6/cisco-vpn-client-and-windows-81-preview-determinist-network-enhancer-dilema?forum=w8itpronetworking
Hope this helps.
Regards,
Kelvin hsu
TechNet Community Support

Which ports to open in PIX for outgoing Cisco VPN client connections ?

I have Cisco vpn clients behind the PIX and i want them to connect to a vpn 3005 which i behind another PIX . Can anybody tell me which ports i have to open on both the PIX firewalls ?

It depends on how you have deployed your VPN Remote Access users.
By default, if you enable IPSec-Over-TCP or IPSec-over-UDP, then port 10000 is used for both, these methods are Cisco Proprietary and can be changed.
If you use NAT-T (NAT Traversal), the Standards-based implementation, then it uses UDP-4500).
either way, the operation of the VPN depends on:
1) Whether these service have been enable on the VPN Concentrator
2) Enabling the relevant transport settings on the VPN Client connection Properties.
Regarding the PIX infront of the VPNC3005, you will need to allow these above ports inbound to your VPNC3005 Public interface.
Locally, it depends if you filter outbound connections through your PIX. If you don't, then the PIX will allow the connection for the VPN Client attempting to access the remote VPNC3005

Is there really a Cisco VPN client for Linux? _Really?_

Similar Messages

Maybe you are looking for