Informatiseringscentrum ICTS University of Amsterdam VPN Linux User Guide (Version 1.2) Date 8 December 2014
Contents Introduction... 3 Installation steps... 3 Page 2 University of Amsterdam TS Datel VPN Linux User Manual Version 1.2
Introduction The University of Amsterdam offers remote access for students and employees to its IT network via a VPN service. In order to login you must be in possession of a UvA ID and password. This document describes how Linux users may gain access to the University network by using the VPN. As a Linux user there are 4 requirements that you need to access the network. 1. The Java Runtime Environment (JRE) 2. Network Connect software 3. The security certificate 4. UvA ID and password In you already have Java installed then you may skip steps 1 and 2. Normally Java Runtime Environment is already installed. Therefore you may proceed straight to step 3 which concerns installing the Network Connect software. The network connect client software and security certificate are both found on the uva website and should be installed in the same directory on your PC. The UvA ID and password are arranged when you join the University. Installation steps Step 1: Check of your machine has java runtime environment(jre) installed. If JRE is not installed follow Step2, else go to Step 3. Network Connect depends on Java, so Java should be installed on your machine. Java version 6 or 7 are sufficient. Use the link below to carry out the check. Go to http://www.java.com/en/download/installed.jsp?detect=jre&try=1 If JRE is not installed then go to step 2. Step 2: Install Java Runtime Environment on your machine. Choose below the instructions that fits your Linux installation. To obtain JRE downloads and user guides please use the following link: http://www.java.com/en/download/manual.jsp Once JRE has been installed test the installation once again as described in step 1. Red Hat or CentOS: Download JRE (rpm.bin) from the Oracle (Java) site and close all the browser instances. Start the terminal and install the JRE: chmod +x jre-6xxx-linux-i586.rpm.bin./jre-6xxx-linux-i586.rpm.bin Link JRE to the browser: cd /usr/lib/mozilla/plugins/ ln -s /usr/java/jre1.6.0_24/lib/i386/libnpjp2.so Page 3 University of Amsterdam TS Datel VPN Linux User Manual Version 1.2
Debian based systemen (Ubuntu, Mint) Start the terminal and install the JRE. Download the correct version ( 32 or 64 bits ) of Java Runtime Environment from: http://www.java.com/en/download/manual.jsp Methode 1 (this is preferred but does not work for all Linux installations): sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner" sudo apt-get update sudo apt-get install sun-java6-jre sun-java6-plugin Method 2 (if method 1 does not work): Unpack the JRE and install: tar -zxvf jre-7u10-linux-i586.tar.gz sudo mv -v jre1.7.0_* /opt/java/32 cd /opt/java/32/ sudo update-alternatives --install "/usr/bin/java" "java" "/opt/java/32/jre1.7.0_10/bin/java" 1 sudo update-alternatives --set java /opt/java/32/jre1.7.0_10/bin/java Link the JRE to the browser: mkdir -v ~/.mozilla/plugins ln -s /opt/java/32/jre1.7.0_10/lib/i386/libnpjp2.so ~/.mozilla/plugins/ OpenSuse Download JRE (rpm.bin) from the Oracle website or install this via YAST (preferable). Start the terminal: cd /usr/lib/mozilla/plugins ln -s /usr/lib/jdk/java/libnpjp2.so Step 3: Download the Network Connect software (linux_vpn_network_connect) from http://www.uva.nl/vpn (.rpm for Red Hat based systems,.deb for Debian based systems) Step 4: Install the RPM. Red Hat or CentOS Open a terminal window and install the rpm as root -user su (then type in the root password) rpm -ivh linux_vpn_network_connect.rpm Debian based systems (Ubuntu, Mint) Install the.deb sudo dpkg -i linux_vpn_network_connect.deb OpenSuse Install the software with help from yast linux_vpn_network_connect.rpm Page 4 University of Amsterdam TS Datel VPN Linux User Manual Version 1.2
Note: All files should be placed in the directory: /usr/local/nc ncsvc - The Network Connect service application ncdiag - The Network Connect diagnostics application libncui.so - The library which is included in the ncui C code, necessary for the GUI NC.jar -The.jar file (GUI) Step 5: Go to the nc directory cd /usr/local/nc. Step 6: Download the certificate from the VPN-portal. Download the certificate certificaat-uvavpn.der from the VPN-portal http://www.uva.nl/vpn and copy to /usr/local/nc Step 7: Start ncsvc in order to connect to uvavpn.uva.nl using the command you see below. Note: ncsvc should be started from /usr/local/nc Fill in your UvA accountid in the correct position replacing <username> with your UvAnetID. Command to start ncsvc :./ncsvc -h uvavpn.uva.nl -u <username> -r users -f certificaat-uvavpn.der Authenticate using your (UvAnetID) password. If you u wish to connect to the UvAVPN via een proxy then select the correct options when starting ncsvc. proxy-server-ip: The ip-address van de proxy-server proxy-port: The port that the proxyserver uses proxy-username: The username for the proxy proxy-password: The password for the proxy proxy-domain: The domain of the proxy The complete command then becomes :./ncsvc -h uvavpn.uva.nl -u <username> -r users -f certificaat-uvavpn.der -y <proxy- server-ip> -z <proxy-port> [-x <proxy-username> -a <proxy_password> [- d<proxy_domain>]] Between the brackets [...] are the options of the proxy. The values are dependent on the proxy Step 8: Stopping ncsvc. In order to stop the vpn session requires stopping ncsvc. This is accomplished using ^c (Ctrl + c) Page 5 University of Amsterdam TS Datel VPN Linux User Manual Version 1.2