[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

help needed in using vpnc in Debian Sarge

Last night I tried to intall vpnc in my Debian Sarge running 2.6.9 and apt-get'ed this:
ii  vpnc     0.3.2+SVN20041123-1       Cisco-compatible VPN client

I read it's README files. Next, I downloaded the .pcf file from my university's VPN FAQ page for Linux and converted it to a conf file like so:
/usr/share/vpnc/pcf2vpnc my-univ.pcf > my-univ.conf

and obtained this:
> cat /etc/vpnc/my-univ.conf
## generated by pcf2vpnc.pl
## Stefan Tomanek <stefan@pico.ruhr.de>
IPSec ID my-univ
IPSec gateway <host name here>
Xauth password <my password here>
Xauth username <my username here>

Next, I introduced this iptables rule in my firewall:
$IPTABLES -I INPUT -p udp -s <host name here> --dport 500 -j ACCEPT

Now the problems:
1) I cannot connect as a normal user. Is this how it is supposed to work? When I try, I get this:
{vpn}> /usr/sbin/vpnc-connect /etc/vpnc/my-univ.conf
Secure memory is not locked into core
Enter IPSec secret for my-univ@<host name here>:
/usr/sbin/vpnc: binding to port 500: Permission denied

2) If I try as root, I get:
# /usr/sbin/vpnc-connect /etc/vpnc/my-univ.conf
Enter IPSec secret for my-univ@<host name here>:
Your session is now encrypted
VPNC started in background (pid: 18179)...

However, now pinging doesn't work, neither with IP numbers nor with domain names. DNS doesn't seem to be working
# ping yahoo.com
ping: unknown host yahoo.com

/etc/resolv.conf gets updated and shows new DNS IPs listed there. ifconfig shows the new interface tun0: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:x.y.z.a  P-t-P:x.y.z.a  Mask:
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Is there some way I have to tell my system not to use eth0 anymore? It is still up. Or what am I missing something else?


Please remove the underscores ( the '_' symbols) from my email address to obtain the correct one. Apologies, but the fudging is to remove spam.

Reply to: