Connecting to SBU Computer Science Palo Alto Network GlobalProtect Gateway from CentOS
The following documentation is based on Centos 7.4
Install the vpnc package on your system from the Centos epel repository. The EPEL repository is an additional package repository that provides easy access to install packages for commonly used software.
Install epel-release. Ensure you have root privileges:
# yum install epel-release
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: centos.mirror.constant.com
* extras: mirrors.centos.webair.com
* updates: repos-va.psychz.net
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================
Package Arch Version Repository Size
=====================================================================================
Installing:
epel-release noarch 7-9 extras 14 k
Transaction Summary
=====================================================================================
Install 1 Package
Total download size: 14 k
Installed size: 24 k
Is this ok [y/d/N]: y
Downloading packages:
epel-release-7-9.noarch.rpm
14 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-9.noarch
1/1
Verifying : epel-release-7-9.noarch
1/1
Installed:
epel-release.noarch 0:7-9
Complete!
Install vpnc. Ensure you have root privileges:
# yum install vpnc
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: centos.mirror.constant.com
* epel: mirror.es.its.nyu.edu
* extras: mirrors.centos.webair.com
* updates: repos-va.psychz.net
Resolving Dependencies
--> Running transaction check
---> Package vpnc.x86_64 0:0.5.3-22.svn457.el7 will be installed
--> Processing Dependency: vpnc-script for package: vpnc-0.5.3-22.svn457.el7.x86_64
--> Running transaction check
---> Package vpnc-script.noarch 0:0.5.3-22.svn457.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================
Package Arch Version Repository Size
=====================================================================================
Installing:
vpnc x86_64 0.5.3-22.svn457.el7 epel 85 k
Installing for dependencies:
vpnc-script noarch 0.5.3-22.svn457.el7 epel 14 k
Transaction Summary
=====================================================================================
Install 1 Package (+1 Dependent package)
Total download size: 99 k
Installed size: 210 k
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7/epel/packages/vpnc-0.5.3-22.svn457.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Public key for vpnc-0.5.3-22.svn457.el7.x86_64.rpm is not installed
(1/2): vpnc-0.5.3-22.svn457.el7.x86_64.rpm
| 85 kB 00:00:00
(2/2): vpnc-script-0.5.3-22.svn457.el7.noarch.rpm
| 14 kB 00:00:00
-----------------------------------------------------------------------------------------------------------
Total 330 kB/s | 99 kB 00:00:00
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
Userid : "Fedora EPEL (7) epel [at] fedoraproject.org>"
Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
Package : epel-release-7-9.noarch (@extras)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : vpnc-script-0.5.3-22.svn457.el7.noarch
1/2
Installing : vpnc-0.5.3-22.svn457.el7.x86_64
2/2
Verifying : vpnc-script-0.5.3-22.svn457.el7.noarch
1/2
Verifying : vpnc-0.5.3-22.svn457.el7.x86_64
2/2
Installed:
vpnc.x86_64 0:0.5.3-22.svn457.el7
Dependency Installed:
vpnc-script.noarch 0:0.5.3-22.svn457.el7
Complete!
- Connect to CS vpn. You will be prompted for 2 sets of credentials.
IPsec ID: cs_mobile
IPSec secret: mobile
vpn.cs.stonybrook.edu: Use your Computer Science Active Directory user ID and password
Execute vpnc. Ensure you have root privileges:
# vpnc
Enter IPSec gateway address:vpn.cs.stonybrook.edu
Enter IPSec ID for vpn.cs.stonybrook.edu: cs_mobile
Enter IPSec secret for cs_mobile [at] vpn.cs.stonybrook.edu:
Enter username for vpn.cs.stonybrook.edu: cs\{your CS Active Directory user ID}
Enter password for cs\xxx [at] vpn.cs.stonybrook.edu:
VPNC started in background (pid: 26186)...
- To verify your VPN connection, execute the ifconfig command. The tun0 interface information shows your CS VPN IP address provided by the Palo Alto Global Protect Gateway.
# ifconfig
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1342
inet 130.245.76.7 netmask 255.255.255.255 destination 130.245.76.7
inet6 fe80::8b82:19c3:53dd:3f14 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 83 bytes 83807 (81.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 88 bytes 9757 (9.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- Disconnecting VPN connection:
$ sudo vpnc-disconnect
- Log in to post comments