Saturday, May 21, 2011

Setup VPN using RSA SecurID software Token On Ubuntu

This post will help in configuring RSA SecurID Software Token for use on linux with Cisco VPN client on Ubuntu 10.04

Installing RSA securID software

You should already be having RSA SecurID software Token software and your key file with you.

Install wine on ubuntu if you don't have it yet as
sudo aptitude install wine

Once you have wine installed, you need to configure wine by running
winecfg

Create a new Drive Z: to provide access to either your home directory or to the whole filesystem

Now Install RSA SecurID Software in wine as
wine ./RSA_SecurID_Software_Token_3.0.5.exe

This should install the software, and add a menu item in 'Applications->Wine->Programs'. Run the RSA SecurID software from the menu and import the key.

Installing VPNC 

vpnc can be installed from repositories
sudo aptitude install vpnc

If you have your VPN server info as a pcf file, then it needs to be converted into a vpnc format


mkdir vpnclient
cd vpnclient
wget http://www.unix-ag.uni-kl.de/~massar/soft/cisco-decrypt.c
sudo apt-get install libgcrypt11-dev
gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)
chmod +x cisco-decrypt
sudo cp cisco-decrypt /usr/bin
wget http://svn.unix-ag.uni-kl.de/vpnc/trunk/pcf2vpnc
sudo cp pcf2vpnc /usr/bin
pcf2vpnc XXX.pcf > XXX.conf

sudo cp XXX.conf  /etc/vpnc/

The above steps would convert the pcf into vpnc format and get it ready for use

Using RSA TokenCode/PassCode with vpnc

Now we need to get vpnc use the token generated by RSA SecurID for authentication. Along with the software token, there is a PIN associated with. Switch RSA to 'Advanced View' and enter PIN and enter PIN there, you should have


When you run vpnc from command line, you need to use 'Current PASSCODE' as your password. It might prompt you for Next passcode in which use the 'Next PASSCODE' as displayed in above image

root@XXX:/etc/vpnc# vpnc --xauth-inter XXX
Enter Username and Password.
Passcode for VPN XXX@XXX.XXX.XXX.XXX:
Enter Next PASSCODE:
Passcode for VPN XXX@XXX.XXX.XXX.XXX:
VPNC started in background (pid: 26055)...
root@XXX:/etc/vpnc#


References
http://www.ubuntugeek.com/how-to-setup-cisco-vpn-using-vpnc-ubuntu-jaunty-9-04.html
http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2009-April/003023.html
http://codehunk.wordpress.com/2010/05/11/rsa-securid-token-on-gnulinux/
Posted by Bhargava Kumar K at 02:07
Labels:

5 comments:

  1. AnonymousOctober 13, 2011 at 5:17 PM

    great!!! , Thx mate !
    works like a charm :)

    /l3v

    ReplyDelete
  2. AnonymousJanuary 23, 2012 at 6:49 AM

    it would have made sense if you told where you got RSA_SecurID_Software_Token_3.0.5.exe from ? it feels like as though you think it is part of wine. ....

    ReplyDelete
  3. AnonymousMarch 31, 2012 at 7:09 AM

    "it would have made sense if you told where you got RSA_SecurID_Software_Token_3.0.5.exe from ? it feels like as though you think it is part of wine. ...."

    Pointless comment above by Anonymous Jan 22, 2012 05:19 PM
    The article is meant to help people who know what RSA_SecurID software is - stop complaining - nowhere is there an implication that RSA_SecurID is part of wine

    ReplyDelete
  4. AnonymousAugust 27, 2015 at 7:12 PM

    Great installation guide.Thank you very much.
    top10-bestvpn.com

    ReplyDelete
  5. UnknownSeptember 20, 2015 at 11:21 PM

    Thanks a lot.Good installation guide and manual for VPN.
    Cool software.It work good.
    http://10webhostingservice.com/

    ReplyDelete

Subscribe to: Post Comments (Atom)