VPNC is a VPN client for use with Cisco IPSec servers. Network manager applet now perfectly integrates with VPNC making establishing a VPN connection as effortless as with Windows 7 (once it is setup). The advantages of using VPNC are:
- Native 64 bit support
- Integration with NM applet (you no longer have to keep a terminal window open for the duration of the connection)
- No more ‘Kernel Tainting’ using the Cisco proprietary drivers – VPNC runs entirely in user space
The required components are not installed by default. However, it is trivial to setup using apt-get:
sudo apt-get install vpnc network-manager-vpnc network-manager-vpnc-gnome
Now, the VPNC plugin is added along with the default PPTP plugin to the network manager vpn options.
The next step is to download your organization .pcf (profile config file) file. UF VPN users can Download it from here (requires gatorlink auth).. Look for the link labeled “VPN Configuration file” at the bottom of the page.
The .pcf file contains, among other parameters:
- Server name/Gateway
- Group name
- Group password (encrypted)
This file can now be imported using the vpnc plugin. From the NM applet, click on ‘VPN Connections’->’Configure VPN’->’Import’:
Using the ‘Select File’ dialog box, select the downloaded .pcf file, and click on “Open”. All essential fields will be imported and displayed:
A few changes need to be made to the imported settings:
- Change the group name from vpn-auth-mga to vpn-auth (mga stands for “mutual group auth”.. it is not currently supported by VPNC on Ubuntu)
- Replace ‘firstname.lastname@example.org’ with your gatorlink username followed by “@ufl.edu”
- Set the domain as “ad.ufl.edu”
- The “Group password” field is already filled in .. This is in encrypted form in the .pcf file (enc_GroupPwd)
Click on the “Apply” button.
You will be prompted to unlock your keyring. DO NOT ENTER YOUR PASSWORD HERE .. JUST CANCEL OUT- This is critical. There seems to be some issue with vpnc accessing the keyring. Once this is done, close out the nm dialog.
Now, you are ready to connect to the VPN server. Go ahead and click on “VPN connections”->”UF Gatorlink ..”. You will be prompted for your keyring password first… Enter your admin password(Ubuntu).. thereafter, you will be prompted for your gatorlink password.
If all goes well, you should be connected. An easy way to check if traffic is going through the vpn is to use the “Network tools” application under “System”->”Administration”:
You should find data being transmitted through the VPN tunnel as shown above.
Note that connecting using email@example.com results in a “Full vpn”.. that is, ALL your traffic is encrypted through UF servers. This causes a load on the vpn service when multiple users tunnel in. It is more bandwidth friendly to use a “campus only” vpn – Substitute “firstname.lastname@example.org” with “email@example.com/campus” in the “username” field. This will ONLY cause traffic to and from ufl.edu to be encrypted (and should suffice for most needs. Library e-book access, however requires full vpn).