Juniper-network-connect-debian-7.5-64-bit-wheezy

From aldeid
Jump to: navigation, search

Description

This tutorial explains how to install Juniper Network Connect (VPN client) on a Debian 7.5 "wheezy" 64 bit machine.

The issue about Juniper Network Connect for Linux is that the client is not initially developed to work with a 64 bit version, though its installation in a 64 bit version is still possible. The client relies on Java and we will need to install both 32 bit and 64 bit Java versions. The 32 bit version will only be used for the Juniper Network Connect application and the other for the rest. Notice that it is not necessary to have a 32 bit browser, as shown later in this tutorial.

Pre-requisites

First activate multiarch support:

$ sudo dpkg --add-architecture i386
$ sudo apt-get update

Installation

ia32-libs

In order to be able to run our 32 bit version of Java, we need to install some libraries, provided by ia32-libs:

$ sudo apt-get install ia32-libs
Info.png
Note
For Debian testing 8 "jessie" 64 bit, just install following packages: sudo apt-get install libc6-i386 libxext6:i386 libxrender1:i386 libxtst6:i386 lib32z1

Java

First of all, go to http://www.java.com/en/download/linux_manual.jsp and download both the 32 bit and 64 bit versions. Then extract them to /usr/java/:

$ sudo mkdir -p /usr/java/jre1.7.0_60-{i586,x64}
$ sudo tar --strip-components=1 -xzvf jre-7u60-linux-i586.tar.gz -C /usr/java/jre1.7.0_55-i586/
$ sudo tar --strip-components=1 -xzvf jre-7u60-linux-x64.tar.gz -C /usr/java/jre1.7.0_55-x64/

Now, let's bind the 64 bit version to our browser so that it's the version that will be used by the browser. Remember that the 32 bit version will only be used in command line for the Juniper Network Connect client.

$ mkdir ~/.mozilla/plugins/
$ cd ~/.mozilla/plugins/
$ ln -s /usr/java/jre1.7.0_60-x64/lib/amd64/libnpjp2.so

You can check that this has been successfully installed by restarting your browser and going to http://www.java.com/en/download/installed.jsp

Juniper Network Connect

Now, let's download Juniper Network Connect. To do that, connect to your VPN web portal and complete the installation process. As the Java version installed in our browser (64 bit) won't be compatible, it will fail to start the VPN client. But it will be fine because this process will install the client.

Configuration

Download the certificate

To be able to start the VPN client from command line, you first need to gather the certificate. To do that, you can use getx509certificate.sh:

$ cd /data/src/
$ wget https://raw.githubusercontent.com/udomsak/juniper-ncui/master/getx509certificate.sh
$ chmod +x getx509certificate.sh
$ ./getx509certificate.sh vpn.portal.url vpncert.crt

where vpn.portal.url is the URL of your VPN web portal.

Gather the realm field

Go to your VPN web portal and display the source code of the page. Gather the value of the realm field which is a hidden field:

Vpn-realm-field.png

Launcher script

Now we have everything we need to start our Juniper Network Connect client from command line. We can use following script:

#!/bin/sh
/usr/java/jre1.7.0_60-i586/bin/java \
  -classpath /home/user/.juniper_networks/network_connect/NC.jar NC \
  -h vpn.portal.url \
  -u username \
  -r "Internal_local" \
  -f /path/to/your/vpncert.crt

where:

  • -h is the URL of your VPN web portal
  • -u is your VPN username
  • -r is the value of the realm field
  • -f if the path to your certificate

Tests

Start your script in a terminal. It will prompt for your password. If everything is OK, you should be connected:

Juniper-network-connect.png

Comments

blog comments powered by Disqus

Keywords: juniper-network-connect VPN debian ia32-libs 32bit-64bit java multiarch