Re: lenny & VPN (ncsvc juniper netscreen)
Alex Huth wrote:
OK, i see now a little bit more:
Very Good !
20090904134653.678992 ncsvc[7837] ncsvc.info New ncsvc log level set to 5
(nccommon.cpp:75)
20090904134653.681107 ncsvc[7837] ncsvc.info Connecting to xxxx.xx.xxx.xxx:443
(ncsvc.cpp:461)
20090904134653.686965 ncsvc[7837] dsclient.para DSClient::authenticate():
user:huth&ewmr, password:... realm:Users (dsclient.cpp:212)
20090904134653.690287 ncsvc[7837] http_connection.para Starting a timed
connect with SSL session 0x8db1238, proxy 0:0, and timeout 30
(http_connection.cpp:171)
20090904134653.690306 ncsvc[7837] http_connection.para Entering
state_start_connection (http_connection.cpp:281)
20090904134653.691264 ncsvc[7837] http_connection.para Entering
state_continue_connection (http_connection.cpp:298)
20090904134653.691329 ncsvc[7837] http_connection.para Entering
state_ssl_connect (http_connection.cpp:467)
20090904134653.698877 ncsvc[7837] dsssl.para SSL connect ssl=0x8dba0f0/sd=4
connection using cipher RC4-MD5 (DSSSLSock.cpp:470)
20090904134653.698965 ncsvc[7837] dsssl.info ive_cert_hash =
eef47e27e290be450bb5351766e4a8de, computed_hash =
3822371386517bf8a8025caab65bcfee (DSSSLSock.cpp:519)
20090904134653.698980 ncsvc[7837] http_connection.para Returning DSHTTP_ERROR
from state_ssl_connect (http_connection.cpp:482)
20090904134653.699021 ncsvc[7837] DSInet.error failed to connect to
(sa01.de.tmr.net) error 100005 (dsinet.cpp:349)
20090904134653.699037 ncsvc[7837] dsclient.error unable to open URL:
(https://xxx.xx.xxx.xx/) with error -7 (dsclient.cpp:226)
20090904134653.699052 ncsvc[7837] ncapp.error Failed to authenticate with IVE.
Error 2 (ncsvc.cpp:192)
20090904134653.699071 ncsvc[7837] dsncuiapi.para DsNcUiApi::~DsNcUiApi
(dsncuiapi.cpp:72)
But what kind of Authentication error is this? Certificate? I have export the
certificate in the browser from the vpn server.
Try the jnc script wit a valid cafile : it will upload the pem, and so forth.
Then try with the pem file as done in the Perl scrip jnc.
On my side, in the jnc configuration file, the certfile option does not work as
expected (I wrote to the author), while the cafile option works.
So you may try.
Jerome
* Jerome BENOIT schrieb:
Alex Huth wrote:
Hi Jerome!
Oh, yes that's what i meant with solved the library problem:
sudo ldd /home/ahuth/.juniper_networks/network_connect/ncsvc
linux-gate.so.1 => (0xf7f16000)
libdl.so.2 => /lib32/libdl.so.2 (0xf7f04000)
libz.so.1 => /usr/lib32/libz.so.1 (0xf7eef000)
libpthread.so.0 => /lib32/libpthread.so.0 (0xf7ed8000)
libm.so.6 => /lib32/libm.so.6 (0xf7eb4000)
libc.so.6 => /lib32/libc.so.6 (0xf7d61000)
/lib/ld-linux.so.2 (0xf7f17000)
Alex
* Jerome BENOIT schrieb:
Hello Alex !
Alex Huth wrote:
Hi!
I have Debian Lenny installed on a AMD64bit laptop. Unfortunately i can't get
a vpn connect to my companys juniper netscreen. Not via browser (Iceweasel)
and not manually. I have already solved the library problem and used the
wrapper script jnc.
When trying to execute manually i get the error message ncsvc execution
failed. Nothing written to the log.
Has anybody got it working on a 64bit machine with Lenny?
I do !
Have you check the all the required 32 bits libraries are present on your box ?
To do so:
ldd ncsvc
hth,
Jerome
Thx
Alex
Next you may try as root ncsvc directly with log_level 5 to see
if the trouble come from the script or from ncsvc itself:
For usage:
ncsvc -h
Jerome
--
Jerome BENOIT
jgmbenoit_at_mailsnare_dot_net
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a
subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
--
Jerome BENOIT
jgmbenoit_at_mailsnare_dot_net
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a
subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--
Jerome BENOIT
jgmbenoit_at_mailsnare_dot_net
Reply to: