[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: VPN IPSec (Cisco vpnc)

2014-12-11 8:04 GMT+01:00 Hajder Rabiee <hajderr@gmail.com>:
> Hi
> Trying to connect to VPN at work but keep getting: "vpnc: no response from
> target".
> I have created my vpn.conf in /etc/vpnc/myconf.conf and also added Local
> Port 10000 as I've read some posts that the particular error message might
> have to do
> with a block in the firewall. Comparing with OSX - where the VPN works, the
> only difference is that I have to specify a group name in Linux. I have
> talked to the IT admins and gotten the correct group name. I wonder though
> is the Group Password the same as the shared key? Otherwise how do I
> specify it?

I followed this tutorial to connect to Palo Alto GlobalProtect using
vpnc protocol:


The group name and group password are distinct parameters. The IT
admin should give you both in addition to your own credentials.

In the case of Palo Alto, it was necessary to enable X-Auth. I don't
remember the error message I received when it was not enabled. OSX,
Android and Windows with the GlobalProtect client don't need the
X-Auth protocol. Only Linux's vpnc needs it. You may have some similar
settings on your VPN server.

I configured the vpn using the Network Manager in KDE so I don't know
about /etc/vpnc.

Make sure you are not trying to connect to the VPN server from inside
the lan. It doesn't work on my network. I can only connect from the

I also had to circumvent another problem after the connection was
established. The route to the gateway is set to Half of
the internet address space is routed through the VPN tunnel. I had to
configure vpnc to ignore the default route and add my own custom
routes (I did all of this in the Network Manager). OSX and Windows
receive the correct route though. I have yet to investigate more
deeply into that problem.


Reply to: