日期:2014-05-16  浏览次数:20728 次

Linux下安装Cicso vpn client的曲折经历

过程极其曲折、折腾。


下载vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz

解压缩 tar-zxf vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz

执行安装 ./vpn_install

第一个碉堡:

Cisco Systems VPN Client Version 4.8.02 (0030) Linux Installer
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.

By installing this product you agree that you have read the
license.txt file (The VPN Client license) and will comply with
its terms.


Directory where binaries will be installed [/usr/local/bin]

Automatically start the VPN service at boot time [yes]

In order to build the VPN kernel module, you must have the
kernel headers for the version of the kernel you are running.

For RedHat 6.x users these files are installed in /usr/src/linux by default
For RedHat 7.x users these files are installed in /usr/src/linux-2.4 by default
For Suse 7.3 users these files are installed in /usr/src/linux-2.4.10.SuSE by default

Directory containing linux kernel source code []

* Binaries will be installed in "/usr/local/bin".
* Modules will be installed in "/lib/modules/2.6.18-238.el5/CiscoVPN".
* The VPN service will be started AUTOMATICALLY at boot time.
* Kernel source from "" will be used to build the module.

Is the above correct [y]y

Making module
./driver_build.sh
Cisco Systems VPN Client Version BUILDVER_STRING
Copyright (C) 1998-2001 Cisco Systems, Inc. All Rights Reserved.

usage:
    ./driver_build.sh 'kernel_src_dir'

'kernel_src_dir' is the directory containing the linux kernel sour
ce

Failed to make module "cisco_ipsec.ko".


遇到问题,按照国际惯例,google之。

google出一堆英文网站,他们给的解决办法是打补丁,于是一个一个补丁地去试。盲目跟从别人的做法果然没有好结果,没一个补丁解决了问题。

还是得仔细看错误信息,发现vpnclinet的安装需要使用linux kernel source,于是安装kernel-devel:

yum install kernel-devel

问题还在。现在安装的kernel-devel版本是2.6.18-308.20.1.el5,而我目前的系统是旧的2.6.18-238.el5,因此还需更新内核:

yum update kernel

reboot之后,再执行vpn_install,新的问题又来了。

第二个碉堡:

Making module
make -C /lib/modules/2.6.18-308.20.1.el5/build SUBDIRS=/home/ytf/vpnclient modules
make[1]: Entering directory `/usr/src/kernels/2.6.18-308.20.1.el5-x86_64'
  CC [M]  /home/ytf/vpnclient/interceptor.o
In file included from /home/ytf/vpnclient/Cniapi.h:15,
                 from /home/ytf/vpnclient/interceptor.c:34:
/home/ytf/vpnclient/GenDefs.h:111:2: warning: #warning 64 bit
/home/ytf/vpnclient/interceptor.c: In function ‘recv_ip_packet_handler’:
/home/ytf/vpnclient/interceptor.c:660: error: ‘struct sk_buff’ has no member named ‘mac_header’
make[2]: *** [/home/ytf/vpnclient/interceptor.o] Error 1
make[1]: *** [_module_/home/ytf/vpnclient] Error 2
make[1]: Leaving directory `/usr/src/kernels/2.6.18-308.20.1.el5-x86_64'
make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".

解决办法,打补丁:

wget http://lamnk.com/download/vpnclient-linux-4.8.02-64bit.patch

patch <./vpnclient-linux-4.8.02-64bit.patch

网上找的各种补丁不要盲目使用,得对症下药。


总算安装成功了,下面正常流程。

启动初始化服务

/etc/init.d/vpnclient_init start

配置

cd /etc/opt/cisco-vpnclient/Profiles/

cp sample.pcf xxxxxx.pcf

vim xxxxxx.pcf

建立连接

vpnclient connect xxxxxx

断开vpn连接

vpnclient disconnect


事情还没完,连接过程中什么文件不可读,连不上vpn子系统神马的,真的很不好用。