Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Gentoo + Juniper NetScreen?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
exilejedi
n00b
n00b


Joined: 10 Aug 2003
Posts: 4

PostPosted: Fri Aug 26, 2005 3:02 pm    Post subject: Gentoo + Juniper NetScreen? Reply with quote

My workplace has recently replaced our Cisco VPN solution with Juniper Networks' NetScreen, which, as far as Linux goes, Juniper will only support on RedHat 9. I have no desire to install a discontinued OS that hasn't had any updates since April 2004, but my efforts to find out exactly what makes RH9 so special (and what exactly causes it to refuse to love my Gentoo desktop and laptop) have been met with "we only support RedHat 9." (Gotta love vendors...) Does anyone have any experience or insight with NetScreen that might be able to help me out?

Desktop: amd64 native, gentoo sources 2.6.9 (needs updating, I know), Firefox 1.0.6, tried with both the Blackdown 1.4.2 JRE and Sun's 1.5.0.

Laptop: x86, gentoo sources 2.6.11, Firefox 1.0.6, tried with both of the above Javas.
Back to top
View user's profile Send private message
schwicky
n00b
n00b


Joined: 13 Aug 2004
Posts: 27
Location: Langnau im Emmental

PostPosted: Fri Aug 26, 2005 4:09 pm    Post subject: Reply with quote

What exactly does not work? The IPSEC VPN connection? Why do you need java for this? Don't you use openswan or strongswan?
_________________
Nothing's impossible... Everything's relative!
Back to top
View user's profile Send private message
exilejedi
n00b
n00b


Joined: 10 Aug 2003
Posts: 4

PostPosted: Fri Aug 26, 2005 4:21 pm    Post subject: Reply with quote

It appears that what we've implemented is (almost) entirely browser-based. It runs a bunch of java applets to manage all the network chatter, and it looks like they refuse to run if you don't have a "supported" configuration on the client end. After complaining loudly enough, I have actually managed to authenticate and log in, but when it tries to load the portal interface, instead of presenting me with the usual controls, there's just a message that "You are not running a supported platform." At that point, the only thing it'll let me do is log out.

I wish I had the opportunity to be better informed about this -- our admins won't budge on any info, and Juniper's support forum and documentation require a license in order to view them (which I as a lowly dev just trying to get my job done am not privvy to).

It's a frustrating situation to say the least.
Back to top
View user's profile Send private message
kashani
Advocate
Advocate


Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco

PostPosted: Fri Aug 26, 2005 6:00 pm    Post subject: Reply with quote

You might try telling the admins that you've now got Redhat 4.0 ES/AS for testing or some other reasonable excuse. Anything that works on 4.0 has a greater change of working on your Gentoo box without doing to too much work.

<rant> I used to think Juniper knew what they were doing and admittedly the old Netscreen client sucked, but a java craptacular client in its place? Ugh.

Hey you don't think the java will want NetworkManager or other Redhat-isms to make the routing and what not work?

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Wed Oct 26, 2005 10:23 pm    Post subject: Reply with quote

i'm having the same problem. When I load the Juniper VPN in FireFox, I get the error that java needs to be installed.

I can install it manually here (according to FireFox):

http://java.com/en/download/manual.jsp


Is "Java Runtime Environment Version 5.0 Update 5" in portage?
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Thu Oct 27, 2005 3:44 pm    Post subject: Reply with quote

Updated: emerge sun-j2re-bin (follow manual instructions).

NOw when I try the juniper vpn, I get this error:

Quote:
Please install:
libss.so.2
libcrypto.so.2


UPDATE:

Still having other problems, but I'm getting around the above error by symlinking the libs to *.so.2:

I'm still having trouble (Gentoo 2.6.11-r9) and java /opt/sun-jre-bin-1.5.0.05/...

I've symlinked the two missings libraries:
Code:

-r-xr-xr-x  1 root root 201344 Oct 28 13:33 libssl.so.0.9.7
lrwxrwxrwx  1 root root     15 Oct 28 13:48 libssl.so.2 -> libssl.so.0.9.7

-r-xr-xr-x  1 root root 1074768 Oct 28 13:33 libcrypto.so.0.9.7
lrwxrwxrwx  1 root root      18 Oct 28 13:49 libcrypto.so.2 -> libcrypto.so.0.9.7


If I remove ~/.juniper_networks folder in my home, "kill -9 java_vm" and "kill -9 java", then login to https://vpn.mywork.com, and go through the process, I first get terminal window asking for my root password to install the app (installNC.sh), after I provide it, I get a little java window that pops up and says "Assigned: 0.0.0.0" etc (too quick to read the whole thing). Then I check /etc/resolve.conf, and it still has my initial ip from my router:

# Generated by dhcpcd for interface eth0
domain gateway.2wire.net
nameserver 192.168.1.254

I'm stumped.
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
santo
n00b
n00b


Joined: 24 Apr 2002
Posts: 44
Location: Belgium

PostPosted: Thu Nov 17, 2005 8:53 am    Post subject: Reply with quote

Hi, did you manage to get this working ?

I'm in the same situation here:
we recently switched to Juniper, after having symlinked the necessary libs I can login and everything seems to work,
but I cannot actually access any machine at the office.

probably some routing tables that are not (correctly) set or something ?

any help appreciated
Back to top
View user's profile Send private message
santo
n00b
n00b


Joined: 24 Apr 2002
Posts: 44
Location: Belgium

PostPosted: Thu Nov 17, 2005 9:56 am    Post subject: Reply with quote

after some more searching, playing, trial and error, etc, I got the ncui script "working".

"working" between double quotes, because the only thing it does is starting up and then exiting again
But hey, this way I can do an strace etc :wink:

First of all, it seems that some file from within the jar file (ncLinuxApp.jar) were missing in my juniper folder (~/.juniper_networks/network_connect)
To be more specific: it's the META-INF folder, which contains the certificate.

So I extracted the folder from the ncLinuxApp.jar archive and placed it into the ~/.juniper_networks/network_connect folder.
This gives me the following layout in ~/.juniper_networks/network_connect:

Code:

version.txt
ncsvc*
META-INF/
META-INF/MANIFEST.MF
META-INF/IMPORTED.SF
META-INF/IMPORTED.RSA
xlaunchNC.sh*
runnc.log
ncui*
missing_libs
installNC.sh*
ncui.log


now I can start the client with the following command:

Code:

./.juniper_networks/network_connect/ncui -h secure.securit.biz -c ~/.mozilla/firefox/xk5niz5y.default/cookies.txt -f ~/.juniper_networks/network_connect/META-INF/IMPORTED.RSA

(where "xk5niz5y.default" is my firefox profile directory of course)

This launches the network connect client for several seconds (appr 2 seconds) and then exits.
The most important info it shows is:
Code:

Assigned IP : 0.0.0.0

-> for some reason, I don't get an IP address.

This is the content of the logfile (ncui.log):
Code:

20051117102925.624832 ncui[17281] ncapp.info cert_hash : 6bb12591375595be55483bed0c4cb7f1 (ncapp.cpp:70)
20051117102927.871697 ncui[17281] ncui.info received onDisconnect with reason = 5 (ncui.cpp:883)
20051117102927.894928 ncui[17281] ncapp.info waiting for NC service to stop! (ncapp.cpp:108)
20051117102927.914260 ncui[17281] ncapp.info done... (ncapp.cpp:110)


See the 2nd line ?
What does this mean ?

starting the client with strace gives me the following output:
Code:

execve("./.juniper_networks/network_connect/ncui", ["./.juniper_networks/network_conn"..., "-h", "secure.securit.biz", "-c", "/home/user1/.mozilla/firefox/xk5ni"..., "-f", "/home/user1/.juniper_networks/netw"...], [/* 54 vars */]) = 0
uname({sys="Linux", node="laptop01", ...}) = 0
brk(0)                                  = 0x80a5000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=60867, ...}) = 0
mmap2(NULL, 60867, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f13000
close(3)                                = 0
open("/usr/lib/libX11.so.6", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\23"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=966211, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f12000
mmap2(NULL, 875512, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e3c000
mmap2(0xb7f0e000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd1) = 0xb7f0e000
close(3)                                = 0
open("/usr/lib/libXm.so.3", O_RDONLY)   = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0a\4\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=2600848, ...}) = 0
mmap2(NULL, 2591436, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7bc3000
mmap2(0xb7e22000, 102400, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25f) = 0xb7e22000mmap2(0xb7e3b000, 2764, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7e3b000
close(3)                                = 0
open("/usr/lib/libXpm.so.4", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000#\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=73335, ...}) = 0
mmap2(NULL, 67652, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7bb2000
mmap2(0xb7bc2000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf) = 0xb7bc2000
close(3)                                = 0
open("/usr/lib/libXt.so.6", O_RDONLY)   = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\276\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=406968, ...}) = 0
mmap2(NULL, 366332, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7b58000
mmap2(0xb7bae000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x56) = 0xb7bae000
mmap2(0xb7bb1000, 1788, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7bb1000
close(3)                                = 0
open("/usr/lib/libXp.so.6", O_RDONLY)   = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\35"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=35074, ...}) = 0
mmap2(NULL, 31472, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7b50000
mmap2(0xb7b57000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7b57000
close(3)                                = 0
open("/lib/tls/i686/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/i686/sse2", 0xbfc32d88) = -1 ENOENT (No such file or directory)
open("/lib/tls/i686/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/i686", 0xbfc32d88)     = -1 ENOENT (No such file or directory)
open("/lib/tls/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/tls/sse2", 0xbfc32d88)     = -1 ENOENT (No such file or directory)
open("/lib/tls/libssl.so.2", O_RDONLY)  = -1 ENOENT (No such file or directory)
stat64("/lib/tls", 0xbfc32d88)          = -1 ENOENT (No such file or directory)
open("/lib/i686/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/i686/sse2", 0xbfc32d88)    = -1 ENOENT (No such file or directory)
open("/lib/i686/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/i686", 0xbfc32d88)         = -1 ENOENT (No such file or directory)
open("/lib/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/lib/sse2", 0xbfc32d88)         = -1 ENOENT (No such file or directory)
open("/lib/libssl.so.2", O_RDONLY)      = -1 ENOENT (No such file or directory)
stat64("/lib", {st_mode=S_IFDIR|0755, st_size=5304, ...}) = 0
open("/usr/lib/tls/i686/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/i686/sse2", 0xbfc32d88) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/i686/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/i686", 0xbfc32d88) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls/sse2", 0xbfc32d88) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/tls", 0xbfc32d88)      = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/i686/sse2", 0xbfc32d88) = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/i686", 0xbfc32d88)     = -1 ENOENT (No such file or directory)
open("/usr/lib/sse2/libssl.so.2", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/sse2", 0xbfc32d88)     = -1 ENOENT (No such file or directory)
open("/usr/lib/libssl.so.2", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\204"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0555, st_size=197264, ...}) = 0
mmap2(NULL, 195460, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7b20000
mmap2(0xb7b4d000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2d) = 0xb7b4d000
close(3)                                = 0
open("/lib/libz.so.1", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\22\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=73172, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7b1f000
mmap2(NULL, 75088, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7b0c000
mmap2(0xb7b1e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11) = 0xb7b1e000
close(3)                                = 0
open("/lib/libpthread.so.0", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0004H\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=109237, ...}) = 0
mmap2(NULL, 70104, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7afa000
mmap2(0xb7b08000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd) = 0xb7b08000
mmap2(0xb7b0a000, 4568, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7b0a000
close(3)                                = 0
open("/usr/lib/libstdc++-libc6.2-2.so.3", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\276\1"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=334924, ...}) = 0
mmap2(NULL, 343656, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7aa6000
mmap2(0xb7ae4000, 81920, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3d) = 0xb7ae4000
mmap2(0xb7af8000, 7784, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7af8000
close(3)                                = 0
open("/lib/libm.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P4\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=154072, ...}) = 0
mmap2(NULL, 135328, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7a84000
mmap2(0xb7aa4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x20) = 0xb7aa4000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\306O\1"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1190392, ...}) = 0
mmap2(NULL, 1129660, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7970000
mmap2(0xb7a7e000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10e) = 0xb7a7e000
mmap2(0xb7a82000, 7356, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7a82000
close(3)                                = 0
open("/lib/libcrypto.so.2", O_RDONLY)   = -1 ENOENT (No such file or directory)
open("/usr/lib/libcrypto.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \316\2"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0555, st_size=1073388, ...}) = 0
mmap2(NULL, 1062968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb786c000
mmap2(0xb795a000, 73728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xed) = 0xb795a000
mmap2(0xb796c000, 14392, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb796c000
close(3)                                = 0
open("/lib/libdl.so.2", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\v\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=10484, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb786b000
mmap2(NULL, 12392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7867000
mmap2(0xb7869000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0xb7869000
close(3)                                = 0
open("/usr/lib/libXmu.so.6", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320I\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=111572, ...}) = 0
mmap2(NULL, 93484, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7850000
mmap2(0xb7866000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16) = 0xb7866000
close(3)                                = 0
open("/usr/lib/libSM.so.6", O_RDONLY)   = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@ \0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=38914, ...}) = 0
mmap2(NULL, 35992, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7847000
mmap2(0xb784f000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb784f000
close(3)                                = 0
open("/usr/lib/libICE.so.6", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\2406\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=99106, ...}) = 0
mmap2(NULL, 96208, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb782f000
mmap2(0xb7844000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0xb7844000
mmap2(0xb7845000, 6096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7845000
close(3)                                = 0
open("/usr/lib/libXext.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240&\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=79282, ...}) = 0
mmap2(NULL, 71540, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb781d000
mmap2(0xb782e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb782e000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb781c000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb781b000
mprotect(0xb7a7e000, 4096, PROT_READ)   = 0
mprotect(0xb7b08000, 4096, PROT_READ)   = 0
mprotect(0xb7f37000, 4096, PROT_READ)   = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xb781b6b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0xb7f13000, 60867)               = 0
set_tid_address(0xb781b6f8)             = 17281
rt_sigaction(SIGRTMIN, {0xb7afe3b4, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xb7afe428, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION, 0, 207f1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, 2, 0xbfc3343c, 31, (nil), 0}) = 0
open("/dev/urandom", O_RDONLY)          = 3
read(3, "\335\257\346\261", 4)          = 4
close(3)                                = 0
brk(0)                                  = 0x80a5000
brk(0x80c6000)                          = 0x80c6000
stat64("/home/user1/.juniper_networks/network_connect/META-INF/IMPORTED.RSA", {st_mode=S_IFREG|0644, st_size=2952, ...}) = 0
open("/home/user1/.juniper_networks/network_connect/META-INF/IMPORTED.RSA", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2952, ...}) = 0
mmap2(NULL, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77fb000
read(3, "0\202\v\204\6\t*\206H\206\367\r\1\7\2\240\202\vu0\202\v"..., 131072) = 2952
read(3, "", 131072)                     = 0
read(3, "", 131072)                     = 0
close(3)                                = 0
munmap(0xb77fb000, 131072)              = 0
getuid32()                              = 1000
socket(PF_FILE, SOCK_STREAM, 0)         = 3
fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
socket(PF_FILE, SOCK_STREAM, 0)         = 3
fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=503, ...}) = 0
mmap2(NULL, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77fb000
read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 131072) = 503
read(3, "", 131072)                     = 0
close(3)                                = 0
munmap(0xb77fb000, 131072)              = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=60867, ...}) = 0
mmap2(NULL, 60867, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f13000
close(3)                                = 0
open("/lib/libnss_compat.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\20"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=30952, ...}) = 0
mmap2(NULL, 29296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7813000
mmap2(0xb7819000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0xb7819000
close(3)                                = 0
open("/lib/libnsl.so.1", O_RDONLY)      = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0205\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=75304, ...}) = 0
mmap2(NULL, 83968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb77fe000
mmap2(0xb780f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb780f000
mmap2(0xb7811000, 6144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7811000
close(3)                                = 0
munmap(0xb7f13000, 60867)               = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=60867, ...}) = 0
mmap2(NULL, 60867, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f13000
close(3)                                = 0
open("/lib/libnss_nis.so.2", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\34\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=35464, ...}) = 0
mmap2(NULL, 37416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb77f4000
mmap2(0xb77fc000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb77fc000
close(3)                                = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\33\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=35284, ...}) = 0
mmap2(NULL, 37512, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb77ea000
mmap2(0xb77f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7) = 0xb77f2000
close(3)                                = 0
munmap(0xb7f13000, 60867)               = 0
open("/etc/passwd", O_RDONLY)           = 3
fcntl64(3, F_GETFD)                     = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
_llseek(3, 0, [0], SEEK_CUR)            = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=1940, ...}) = 0
mmap2(NULL, 1940, PROT_READ, MAP_SHARED, 3, 0) = 0xb7f21000
_llseek(3, 1940, [1940], SEEK_SET)      = 0
munmap(0xb7f21000, 1940)                = 0
close(3)                                = 0
mkdir("/home/user1/.juniper_networks", 0755) = -1 EEXIST (File exists)
getgid32()                              = 100
getuid32()                              = 1000
chown32("/home/user1/.juniper_networks", 1000, 100) = 0
mkdir("/home/user1/.juniper_networks/network_connect", 0755) = -1 EEXIST (File exists)
getgid32()                              = 100
getuid32()                              = 1000
chown32("/home/user1/.juniper_networks/network_connect", 1000, 100) = 0
open("/home/user1/.juniper_networks/network_connect/ncui.log", O_WRONLY|O_APPEND|O_CREAT, 0644) = 3
getgid32()                              = 100
getuid32()                              = 1000
chown32("/home/user1/.juniper_networks/network_connect/ncui.log", 1000, 100) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=4523, ...}) = 0
gettimeofday({1132219765, 624832}, NULL) = 0
stat64("/home/user1/.juniper_networks/network_connect/ncui.log", {st_mode=S_IFREG|0644, st_size=4523, ...}) = 0
time(NULL)                              = 1132219765
open("/etc/localtime", O_RDONLY)        = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
mmap2(NULL, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77ca000
read(4, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\n\0\0\0\n\0"..., 131072) = 1067
close(4)                                = 0
munmap(0xb77ca000, 131072)              = 0
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
write(3, "20051117102925.624832 ncui[17281"..., 105) = 105
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb781b6f8) = 17282
time(NULL)                              = 1132219765
socketpair(PF_FILE, SOCK_STREAM, 0, [4, 5]) = 0
fcntl64(4, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
fcntl64(5, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(5, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
mmap2(NULL, 8392704, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb6fe9000
mprotect(0xb6fe9000, 4096, PROT_NONE)   = 0
clone(child_stack=0xb77e94e4, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0xb77e9bf8, {entry_number:6, base_addr:0xb77e9bb0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}, child_tidptr=0xb77e9bf8) = 17283
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
nanosleep({2, 0},


< right here, the client pops up >

Code:

{2, 0})               = 0
rt_sigaction(SIG_0, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = -1 EINVAL (Invalid argument)
rt_sigaction(SIGINT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIG_0, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = -1 EINVAL (Invalid argument)
rt_sigaction(SIGINT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIG_0, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = -1 EINVAL (Invalid argument)
rt_sigaction(SIGINT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGTERM, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIG_0, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = -1 EINVAL (Invalid argument)
rt_sigaction(SIGINT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGTERM, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGCHLD, {0x8079e7c, [], SA_SIGINFO}, NULL, 8) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 7
connect(7, {sa_family=AF_INET, sin_port=htons(4242), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
fcntl64(7, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
send(7, "\0\0\0\0\0\0\0d\1\0\0\0\0\0\0\0\0\0\0\0", 20, 0) = 20
time(NULL)                              = 1132219767
select(8, [4 7], [], NULL, NULL)        = 1 (in [7])
time(NULL)                              = 1132219767
recv(7, "\0\0\0\0\0\0\0k\1\0\0\0\1\0\0\0\0\0\0 \0\310\0\0\0\n\0"..., 16384, 0) = 52
send(7, "\0\0\0\0\0\0\0f\1\0\0\0\1\0\0\0\0\0\0\204\0\313\0\0\0~"..., 152, 0) = 152
time(NULL)                              = 1132219767
time(NULL)                              = 1132219767
select(8, [4 7], [], NULL, NULL)        = 1 (in [7])
time(NULL)                              = 1132219767
recv(7, "\0\0\0\0\0\0\0n\1\0\0\0\1\0\0\0\0\0\0 \0\310\0\0\0\n\0"..., 16384, 0) = 52
gettimeofday({1132219767, 871697}, NULL) = 0
stat64("/home/user1/.juniper_networks/network_connect/ncui.log", {st_mode=S_IFREG|0644, st_size=4628, ...}) = 0
time(NULL)                              = 1132219767
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
write(3, "20051117102927.871697 ncui[17281"..., 97) = 97
send(4, "n", 1, 0)                      = 1
rt_sigaction(SIGINT, {SIG_DFL}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL}, NULL, 8) = 0
rt_sigaction(SIGTERM, {SIG_DFL}, NULL, 8) = 0
rt_sigaction(SIGCHLD, {SIG_DFL}, NULL, 8) = 0
close(7)                                = 0
time(NULL)                              = 1132219767
close(4)                                = 0
close(5)                                = 0
gettimeofday({1132219767, 894928}, NULL) = 0
time(NULL)                              = 1132219767
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
write(3, "20051117102927.894928 ncui[17281"..., 93) = 93
wait4(17282, NULL, WSTOPPED, NULL)      = 17282
gettimeofday({1132219767, 914260}, NULL) = 0
time(NULL)                              = 1132219767
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=1067, ...}) = 0
write(3, "20051117102927.914260 ncui[17281"..., 69) = 69
exit_group(0)                           = ?
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Thu Nov 17, 2005 6:09 pm    Post subject: Reply with quote

ok, two things...(I haven't tried what you did yet as I haven't time). but you need to make mozilla use the sun-jre instead of blackdown.

You can switch the system default with java-config -L; java-config -S <result from -L>

Code:
java-config -S sun-jre-bin-1.5.0.05
/usr/sbin/env-update && source /etc/profile


I DID get a bunch of red errors after the 1st command. Not sure if I can ignore those or not.

Code:
java-config -L should yield [color=green][sun-jre-bin-1.5.0.05] "Sun JRE 1.5.0.05" (/etc/env.d/java/20sun-jre-bin-1.5.0.05) * [/color]


Also, you may have to link the file mozilla java plugin file to the sun-jre...
Code:

/usr/lib/mozilla-firefox/plugins
spring plugins # ls -la
total 22
lrwxrwxrwx   1 root root    62 Nov 14 13:51 libjavaplugin_oji.so -> /opt/sun-jre-bin-1.5.0.05/plugin/i386/ns7/libjavaplugin_oji.so


This got me a little closer but no dice ( think I may have missed a step somewhere). I'm thinking I probabaly have to rebuild moizlla? but I don't know. I'm stabbin' in the dark here. <rant>One of the many frustrations of using closed software like java binaries (which has the perception of being open source). I actually go tin an argument about whether or not java is open source with someone at work.</rant>

You should at the very least get a popup window in Firefox that asks for root password.

check log/files in $HOME/.juniper_network/ and /root/.juniper_network for more clues.

I did read somewhere that Juniper added the ip to /etc/resolve.conf but did not prepend it, so you have to open that file and move the assigned internal VPN ip of your company to the top of the file.


After I implement all the necessary tweaks mentioned in this file, I would start from scratch:

Code:
rm -rf /root/.juniper_networks; rm -rf /home/<username>/.juniper_networks;


Then load the url in the browser (at least that's how we load it at MyCo, Inc.).

I actually called Juniper just to find out where the doucmentation was for this wonderful little app that is suppsed to run on linux, and they wanted to file a "paid support ticket". Which probably would've gotten me fired or cost MyCO, Inc. a thousand dollars. Their site is useless as far as documentation, so hopefully this page comes up in Google for other deviants like us :)
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
santo
n00b
n00b


Joined: 24 Apr 2002
Posts: 44
Location: Belgium

PostPosted: Fri Nov 18, 2005 7:44 am    Post subject: Reply with quote

Hi chovy, thanx for the suggestions.

First, my default java runtime is already the sun jdk:
Quote:

user1@laptop01 ~ $ java-config -L
[sun-jdk-1.4.2.09] "Sun JDK 1.4.2.09" (/etc/env.d/java/20sun-jdk-1.4.2.09) *
[blackdown-jre-1.4.2.02] "Blackdown JRE 1.4.2.02" (/etc/env.d/java/20blackdown-jre-1.4.2.02)
[blackdown-jdk-1.4.2.02] "Blackdown JDK 1.4.2.02" (/etc/env.d/java/20blackdown-jdk-1.4.2.02)


(I don't get any errors, in contrast to you)

Then the other remarks/suggestions:

linking the java plugin for mozilla isn't necessary in my case as far as I know, because java is working perfectly for all of the other sites.

The popup window you mention was shown the first time I logged in to the VPN and is only used to install the necessary tools/scripts
(~/.juniper_networks/network_connect)
Correct me if I'm wrong

An ip address is never added to my /etc/resolv.conf file, so moving it to the top is a bit difficult :wink:

starting from scratch didn't help me any further either, I did that already a bunch of times :(

support on their site is indeed rather useless, as you need an account for almost everything (which I haven't, because I'm only
a simple developer, trying to work from home :) )

So I guess google is indeed the only real chance for now :roll:

BTW, when I log out from the web interface after the first time I logged in, then login again and try to open
the network connect client again (under "Client Application Sessions"), the popup with the text
"Loading network connect client. Please wait" appears and then I get the following error:
Quote:

Installation error number 19 while fetching target application from IVE.
Please quit the web browser and try again
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Fri Nov 18, 2005 7:57 am    Post subject: Reply with quote

yeah. well those were the steps to get it to work on debian and redhat, as people have gotten it to work.

If you ever do figure it out on gentoo, please PLEASE let us know. I spent days researching this on the web. and could find nothing.
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
santo
n00b
n00b


Joined: 24 Apr 2002
Posts: 44
Location: Belgium

PostPosted: Wed Nov 23, 2005 6:21 pm    Post subject: Reply with quote

Does this mean you have gotten it to work on Debian ?
If so, can you tell me how ?

I currently have two distributions with which I work, Gentoo and Ubuntu, and on both I can't get
the Juniper client to work.
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Wed Nov 23, 2005 7:21 pm    Post subject: Reply with quote

all i know i posted above.
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Wed Jan 25, 2006 8:32 pm    Post subject: Reply with quote

anybody have any luck with this yet?
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Tue Apr 18, 2006 3:05 pm    Post subject: Reply with quote

*bump*

santo, any luck with this?
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
santo
n00b
n00b


Joined: 24 Apr 2002
Posts: 44
Location: Belgium

PostPosted: Sat Apr 29, 2006 9:05 am    Post subject: Reply with quote

No, unfortunately not.
For the moment I'm using openvpn, which is what we used before Juniper.
After the introduction of the Juniper however, openvpn was kept as an alternative for people running linux clients
because of the bad support for that platform by Juniper.

In other words: I'm not spending too much time anymore to find a solution for this, as I'm completely happy with openvpn right now.
This doesn't mean I'm not interested in a solution anymore of course ;-)
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Wed May 03, 2006 9:18 am    Post subject: Reply with quote

fwiw, there is a forum, although not much info on linux:

http://www.juniperforum.com/index.php/topic,2043.0.html


I got my java errors corrected, I had to set the sun-sdk, not the sun-jre with "java-config -S".

Now I recompiled firefox, etc. (I downgraded to sun-sdk-1.4*) because I think that's what juniper officially supports...but no avail.

I still get the "assigned ip: 0.0.0.0" in the popup.
_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
clockwise
Apprentice
Apprentice


Joined: 24 Aug 2002
Posts: 152
Location: uk

PostPosted: Wed Jun 21, 2006 10:35 pm    Post subject: Reply with quote

Mine now connects properly when launched from the browser, and I know that the applet launches '~/.juniper_networks/network_connect/ncsvc' and '~/.juniper_networks/network_connect/ncui' but I'm not sure (yet) what it supplies for the credentials.

Anyway, here's what I've got installed:
Quote:

$ emerge -pv openssl motif lib-compat sun-jdk
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] dev-libs/openssl-0.9.7i USE="zlib -bindist -emacs -test" 0 kB
[ebuild R ] x11-libs/openmotif-2.2.3-r9 0 kB
[ebuild R ] sys-libs/lib-compat-1.4.1 USE="sdl" 0 kB
[ebuild RF ] dev-java/sun-jdk-1.4.2.10-r2 USE="X alsa examples nsplugin -browserplugin -doc -jce -mozilla*" 35,592 kB
Total size of downloads: 35,592 kB

I've got '/usr/X11R6/lib/' in my in my '/etc/ld.so.conf'. You can add this to:
Code:

$ $EDITOR /etc/env.d/99juniper

Ensure you have TUN enabled in your kernel:
Quote:

Device Drivers --->
Network device support --->
<*> Universal TUN/TAP device driver support

or you can just:
Code:

$ grep CONFIG_TUN /usr/src/linux/.config
CONFIG_TUN=y

Ensure you're using the SUN JDK:
Code:

# java-config -L
[sun-jdk-1.4.2.10] "Sun JDK 1.4.2.10" (/etc/env.d/java/20sun-jdk-1.4.2.10) *
[blackdown-jre-1.4.2.03] "Blackdown JRE 1.4.2.03" (/etc/env.d/java/20blackdown-jre-1.4.2.03)
[blackdown-jdk-1.4.2.03] "Blackdown JDK 1.4.2.03" (/etc/env.d/java/20blackdown-jdk-1.4.2.03)
# java-config -S sun-jdk-1.4.2.10
System Virtual Machine set
You may want to update your enviroment by running:
        "/usr/sbin/env-update && source /etc/profile"
# /usr/sbin/env-update && source /etc/profile
>>> Regenerating /etc/ld.so.cache...

With all that in, I'd suggest removing the original install:
Code:

$ rm -rf ~/.juniper_networks

And then re-starting your browser and attempting to start 'Network Connect' from where you have it made available to you. On mine, it pops up the window with the process bar, which then turns into the status window that has 'Assigned IP' in it. This starts on '0.0.0.0' for a few seconds then gets one on our internal network. You can verify this with:
Code:

$ /sbin/ifconfig tun0
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:[int].[ern].[al].[ip]  P-t-P:[int].[ern].[al].[ip] Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:1982 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1762 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:1901003 (1.8 Mb)  TX bytes:214829 (209.7 Kb)


You may also want to edit '/etc/resolv.conf' to ensure that things are being consulted in the right order. I have to put my router's ip back at the top of the file so that my normal browsing, etc. can carry on.

Hope this helps.

-- EDIT --
Credit where credit is due - this page was extremely helpful:
http://www.flexion.org/site/index.php?gadget=StaticPage&action=Page&id=50
:wink:


Last edited by clockwise on Wed Jun 21, 2006 10:48 pm; edited 2 times in total
Back to top
View user's profile Send private message
clockwise
Apprentice
Apprentice


Joined: 24 Aug 2002
Posts: 152
Location: uk

PostPosted: Wed Jun 21, 2006 10:43 pm    Post subject: Reply with quote

oh, and if anyone does get it running from the command line, please do share.
Back to top
View user's profile Send private message
chovy
Guru
Guru


Joined: 03 Dec 2004
Posts: 453

PostPosted: Thu Jun 22, 2006 5:37 am    Post subject: Reply with quote

halle-friggin-jula!!!

6 months I've been trying to solve this problem, the kernel config parameter you mentioned did the trick for me!

One last thing, in /etc/resolve.conf I had to move my corporate nameserver to the top of the list, over my router's ip number.

at least I know what the problem was, it's been bugging me for quite some time.

update:
ps - closing that network connect window kills your connection.

Here's a bunch of links I used, etc:

Quote:
Installing Sun Java JRE 1.4.x

http://plugindoc.mozdev.org/linux.html#Java

https://wiki.ubuntu.com/FirefoxPlugins?highlight=%28sun%29%7C%28java%29#head-ed3c0fafb1aadeac370de3dc07b5677bce79545

https://wiki.ubuntu.com/RestrictedFormats#head-e2ebd70ede0e3eb2117ffbd618d2295dd1540dca

https://wiki.ubuntu.com/AddingRepositoriesHowto

Missing Libraries:
libXm.so.3 (apt-get install libmotif3
root@ubuntu:/usr/lib# apt-file search libXm.so.3
j2re1.4: usr/lib/j2se/1.4/jre/lib/i386/libXm.so.3
libmotif3: usr/X11R6/lib/libXm.so.3 * (symlink this one to /usr/lib)
libmotif3: usr/X11R6/lib/libXm.so.3.0.2

)
libstdc++-libc6.2-2.so.3 (apt-get install libstdc++2.10-glibc2.2)
gentoo (emerge lib-compat)

libssl.so.2
libcrypto.so.2 (cd /usr/lib
ln -s libssl.so.0.9.7 libssl.so.2
ln -s libcrypto.so.0.9.7 libcrypto.so.2
)


1) important, kernel must have this enabled:
grep CONFIG_TUN /usr/src/linux/.config
CONFIG_TUN=y
if it's "n", got /usr/src/linux, and execute make menuconfig:
Device Drivers --->
Network device support --->
<*> Universal TUN/TAP device driver support
recompile kernel and update grub.conf
2) get sun-jre-bin-1.4* on your system
3) set sun-sdk-bin-1.4 as default with java-config -S
4) recompile firefox
5) rm -rf ~username/.juniper_network
6) su; rm -rf /root/.juniper_network
7) https://vpn.corp.com
8) click the button or however you are supposed to load the juniper vpn client
9) try it again. failed --still get "Assigned IP: 0.0.0.0"
10) vi /etc/resolv.conf (move myCo, Inc. nameservers to the top).

should get "Assinged IP: 10.x.x.x" (your corporate internal ip number)

_________________
Woof, Woof! Add "[solved]" to the title! Woof, Woof!
Back to top
View user's profile Send private message
Taniwha
n00b
n00b


Joined: 27 May 2007
Posts: 5

PostPosted: Wed Jun 24, 2009 10:57 am    Post subject: Juniper networks problemns Reply with quote

Since I found a fix I thought I'd share my solution - I got the Juniper VPN working on my laptop, sometimes it would work, sometimes it would just fail immediately, a reboot would always fix the problem.

In my case it turned out that sleeping the laptop and waking it up again left the network port without a route for the subnet on which the network port lived on (it still worked happily because there was a default route in place to the router through that port). Turns out the Juniper code really really wants that subnet route to be there and will shutdown so fast you can't get at the logs in the UI to find out why.

My tacky by-hand solution is to restart the interface before starting the VPN:

Quote:

dhcpc -k eth2
dhcpcd eth2
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum