JNC under ElementaryOs/Ubuntu
Here is the way to simply install JNC (Juniper Network Connect which is the Juniper VPN client) under ElementaryOs or Ubuntu
1/ Installing Oracle Java and download the Juniper software
If you're under a 32 bits version (uname -a => i386)
natjohan:~$ sudo add-apt-repository ppa:webupd8team/java natjohan:~$ sudo apt-get update natjohan:~$ sudo apt-get install oracle-java7-set-default
Now, goes on your Juniper VPN server through your favorite web browser (https://vpn.mycompany.com), just login and then click on the start button next to the Network Connect item
/!\ Don't forget to accept execution of the Java applet in your web browser
Once you click on it a message will appear
Just wait few minutes, nothing happens but the JNC software should be downloaded under your home directory at ~/.juniper_networks/network_connect. If not, just go to https://vpn.mycompany.com/dana-cached/nc/ncLinuxApp.jar in order to download the jar file
If you're under 64 bits or if you don't want to install java at all (you're right !), just go to https://vpn.mycompany.com, just login an go to https://vpn.mycompany.com/dana-cached/nc/ncLinuxApp.jar and download it on your computer.
2/ Installing JNC wrapper
We will install JNC which is a perl wrapper for the Juniper network connect client provides by Klara Mall.
natjohan:~$ sudo chown root:root ~/.juniper_networks/network_connect/ncsvc natjohan:~$ cd .juniper_networks natjohan:~$ unzip ~/.juniper_networks/ncLinuxApp.jar -d ~/.juniper_networks/network_connect/ natjohan:~$ sudo chown root:root ~/.juniper_networks/network_connect/ncsvc natjohan:~$ sudo chmod 6711 ~/.juniper_networks/network_connect/ncsvc natjohan:~$ chmod 744 ~/.juniper_networks/network_connect/ncdiag natjohan:~$ cd /usr/local/bin natjohan:/usr/local/bin$ sudo wget http://www.scc.kit.edu/scc/net/juniper-vpn/linux/jnc natjohan:/usr/local/bin$ chmod a+x jnc natjohan:~$ sudo aptitude install openssl
Create the config directory
natjohan:~$ mkdir -p ~/.juniper_networks/network_connect/config
And now you can edit mycompanyvpn.conf under this directory with the following parameters
host=vpn.mycompany.com user=username realm=your_realm cafile=/etc/ssl/mycompanycertificate.pem
realm : if you don't know how to find your realm, just go to vpn.mycompany.com, take a look at the html source of this page and try to find a line like this
<input type="hidden" name="realm" value="REALMNAME">
If you don't find it, just try without this parameter or ask your IT department about that.
cafile : just go to your vpn.mycompany.com page with you browser and click on the https logo, then go to something like Show your certificate, then Details, and you probably can export (it depends on your web browser) it in the .pem format. Just save it under /etc/ssl/mycompanycertificate.pem (for example).
I know that you can put a password field in your config file, but you should not do that for obvious security reasons
3/ Launch JNC
Now you can launch JNC wrapper and use your company's VPN
natjohan:~$ jnc --nox mycompanyvpn Password: Connecting to XXXXX.com : 443. Waiting for ncsvc for 3 seconds... done ncsvc is running, but tunnel is not established yet. Waiting for 3 seconds... done. ncsvc is running in background (PID: 744): tunnel interface tun0, addr: X.X.X.X natjohan:~$
The --nox option is to launch jnc without gui. To stop it
natjohan:~$ jnc stop ncsvc is running, sending signal... terminated. natjohan:~$