Juniper setup on 12.04

Question

I have a laptop with Windows XP and Ubuntu 12.04 (32 bits). Until now, I used Windows XP to connect to a Juniper VPN but now I'd like to try it with Linux. I read the mad scientist walkthrough (including the sun java part) but I can't run the setup. I get the popup that ask me if I'm sure I want to run the applet but then, nothing.

mad-scientist says it's probably a C runtime lib problem and suggests to use his script with -nojava but he doesn't say how to install Network Connect in the first place. Any idea?

Thanks for any suggestion!

Laurian

PS: I have: Ubuntu 12.04 32bits Java from Sun 1.6.0.32 Firefox 12 xterm (I think it was suggested somehwere)

I don't have the answer, but I've asked the same question here: http://askubuntu.com/questions/130473/could-anyone-provide-a-step-by-step-for-getting-juniper-netconnect-and-citrix-up — JIm, May 22 '12 at 13:29
I think this is a better question than the other, as it has more specifics, and is only asking about one thing.... — belacqua, Jun 19 '12 at 18:01

score 16 · Answer 1 · edited Apr 13 '17 at 12:23

The latest version of openjdk and icedtea plugin work with Juniper VPN. Removing older and other versions of Java may also help.

See Could anyone provide a step by step for getting juniper netconnect and citrix?

This is one place where I found command line works better than the Ubuntu Software Center

First remove older versions of Java, both Oracle (Sun) and OpenJDK. For example, if you have OpenJDK 6 installed, type in a terminal:

sudo apt-get remove openjdk-6-jdk icedtea-6-plugin

Remove the Sun Java as well. If you have installed just the JRE, rather than JDK change the commands accordingly. Then install the OpenJDK-7 and corresponding plugin by:

sudo apt-get install openjdk-7-jdk icedtea-7-plugin

Open Firefox and test the version of Java is being used by going to this site http://www.java.com/en/download/testjava.jsp

Note: As of Chrome 35 , the Java support for the Chrome on Linux has been discontinued. You have to use Firefox to make Java (and therefore Network Connect) work.

If you see version 7 is running, you are ready to try Juniper VPN. If not you may have to remove the other version of Java. Hope this helps.

Update: for 64bit Ubuntu 12.04 to 13.10

From 7.3 onwards, Juniper SA devices support 64-bit Ubuntu for Network Connect.

First, install the 64bit jre/jdk and icedtea

sudo apt-get install openjdk-7-jre icedtea-7-plugin

Second, install the 32bit jre

sudo apt-get install openjdk-7-jre:i386

Note, do not install the 32bit icedtea. Make sure the 64bit is the default java. As long as the 32bit jre exists, Juniper will find the files it needs and run.

Tested on Ubuntu 13.04 64bit.

See Juniper Network Knowledge-base for details.

Update 2: for 64bit Ubuntu 14.04

Network Connect is looks for update-alternatives in /usr/sbin/ and there seems to be no symlink pointing to the right directory like 13.10 had.

In addition to the steps above for 64 bit Ubuntu 12.04-13.10, add symlink to /usr/sbin/ by:

sudo ln -s /usr/bin/update-alternatives /usr/sbin/

The 14.04 issue is explained in more detail at How to install Juniper VPN on Ubuntu 14.04 LTS?

Note that, in addition to the many many issues in getting Juniper to run on Linux, you also need to make sure, your browser supports it. Since Chrome 35 (~ May 2014), Java support on Linux (not on Windows though!) has been discontinued. See: How do I get Java plugin working on Google Chrome? — Domi, Oct 23 '14 at 13:32
@Domi Thanks. I will edit my answer to make it explicit that Chrome won't work. — user68186, Oct 23 '14 at 14:26
Very nice, ran the commands on a fresh Ubuntu 14.04 install, opened up FireFox and pointed it to the VPN landing page for the corp, and it fired right up! — Patrick F, Aug 25 '15 at 20:02

score 6 · Answer 2 · answered Sep 20 '12 at 14:41

6

I never got this working with just plain Java in my browser. Luckily, there's an other option here: http://mad-scientist.us/juniper.html :D

Of course, the best thing would be that it was all supported in Network Manager via the network-manager-vpnc package.

answered Sep 20 '12 at 14:41

carestad

993

1

I have, BTW, added a feature request for Network Manager. – carestad Oct 23 '12 at 17:19

score 4 · Answer 3 · answered Feb 03 '15 at 12:04

4

The open source OpenConnect VPN client now has support for Juniper. See http://www.infradead.org/openconnect/juniper.html

answered Feb 03 '15 at 12:04

dwmw2

41
1

1

THIS WORKS (Ubuntu Desktop 14.04 LTS)!!! EVEN SUPPORTS 2 FACTOR AUTHENTICATION (for my institution at least). #shutupandtakemymoney – FizxMike Aug 06 '15 at 03:57
It works (including two-factor), but you may need to use this option when building the source code (on my 64-bit 14.04 LTS system): ./configure --with-vpnc-script=/usr/share/vpnc-scripts/vpnc-script --without-gnutls
I prefer this option, because I don't want to deploy 32-bit java on a 64-bit system.

Note the '--without-gnutls' option ------ or openconnect will yell at you about TLS/SSL errors.
– Michael Galaxy Sep 15 '15 at 13:59

jalmargyyk · Answer 4 · 2014-03-28T21:18:54.003

Update for 14.04 Trusty Tahr (64-bit)

First run with Network Connect on 14.04 resulted a failure and Network Connect just complained about missing 32-bit libraries. My NC version is 7.4R6. I did have all the libraries installed and openjdk-7-jre:i386 installed.

Digging a little bit deeper revealed that Network Connect is using update-alternatives listing to decide if 32-bit jre is installed.

/usr/sbin/alternatives command not found
Command = /bin/sh -c /usr/sbin/update-alternatives --display java 2>&1 | grep -v "/bin/sh:" | grep ^/ | cut -d " " -f 1 | tr " " " "

However it's looking update-alternatives from /usr/sbin/ and there seems to be no symlink pointing to the right directory like 13.10 had. So adding symlink to /usr/sbin/ helped.

$ sudo ln -s /usr/bin/update-alternatives /usr/sbin/

Antonios Hadjigeorgalis · Answer 5 · 2013-06-03T17:53:04.387

Using the instructions here: http://www.rz.uni-karlsruhe.de/~iwr91/juniper/ I have juniper VPN running on Ubuntu 12.04 64bit with no 32 bit software installed except for these 3 libraries:

sudo apt-get install libc6-i386 lib32z1 lib32nss-mdns

I start the jnc perl script use the --nox option (no gui) and it works great, I use it everyday.

I originally downloaded the cert file using Firefox 64-bit: Tools>PageInfo>Security>View Certificate>details>export

I have since found this script that does the same: https://github.com/udomsak/juniper-ncui/blob/master/getx509certificate.sh

My particular configuration file required host, user, realm, and certfile. Yours may be different.

The certfile location configuration required the full path name, ~ did not expand to /home/username

score 0 · Answer 6 · answered Oct 20 '13 at 13:01

0

You can connect to a Juniper Network using Google Chrome and a few 32 bits libraries. Take a look at the post in my blog:

http://arecordon.blogspot.com.ar/2013/07/ubuntu-junipers-network-on-ubuntu64.html

I hope it helps.

answered Oct 20 '13 at 13:01

0R10N

2,126
3
17
20

3

Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference. – kiri Oct 26 '13 at 07:48

Jeremy Jao · Answer 7 · 2015-01-20T15:42:52.270

I had problems even after following instructions (the network connect client will just crash). I was looking into the logs and found that the sh script to launch NC.jar required xterm. The solution is to install xterm for people with my problem:

sudo apt-get install xterm

I am using webupd8team's java oracle 8 as the default and manually installed java oracle 8 u25 32-bit manually from the oracle site.

EDIT: Only works on.... Linux Mint 17.1. I never actually got it to fully work consistently on Ubuntu 14.04.1

Juniper setup on 12.04

7 Answers7

Linked

Related