Gentoo Wiki ArchivesGentoo Wiki


This is about setting up a Juniper SSL Network Connect VPN.


Preliminary Testing

Make sure you have Sun's Java JRE installed. Blackdown and others may not work. Sun-jre-bin also works. Note, this article may be 32-bit specific, however there is a discussion about how to get a 64-bit Java environment working with the Juniper SSL VPN on the Gentoo Forums.

Warning: If you are a Mozilla Firefox user and are experiencing troubles, please be sure you have a working Java environment. Recent versions of Mozilla Firefox have known issues with Java. Mozilla Firefox 2.0.x is supported.
  1. First, head on over to your Juniper SSL VPN's portal website.
  2. Add this portal website to your browser's whitelist for launching popups. (There will be one small one, which initiates the VPN connection. This will also display information about the connection.)
  3. Click on "Network Connect"
  4. Enter root password when prompted.
  5. A window will likely popup saying there are some issues. Take note of them.

With any luck, you will see that you are "missing" a few requirements.


Emerge the following ebuilds. (Don't worry about version numbers, just use the latest stable.)

Recompile the kernel, if necessary, with the following enabled (as a module or monolithicly)

Device Drivers-->
   Network device support-->
      <M> Univesal TUN/TAP device driver support

If you compiled it as a module, remember to mobprobe tun or add it to /etc/modules.autoload.d/kernel-2.6.


ln -s /usr/lib/ /usr/lib/
ln -s /usr/lib/ /usr/lib/

ln -s /usr/lib/ /usr/lib/
ln -s /usr/lib/ /usr/lib/

And the following if you are using lesstif:

ln -s /usr/lib/ /usr/lib/


RPM issue

Because this software was originally desinged for Redhat 8 or something archaic like that it requires /usr/bin/rpm to install. It doesn't actually use rpm to install itself but just to check if some of the packages it needs are installed. There are two ways to handle this.

The first way is the correct way, but this method will cause the software to throw a package not found error but still function correctly.

emerge -av app-arch/rpm

The second method is a dirty dirty hack and may/will cause issues in the future, but the program to execute without error. Please use with caution!

ln -s /bin/true /usr/bin/rpm
rm -rf ~/.juniper_networks

Head on over to your portal page again, and launch "Network Connect." It should run without any problems.

Thinking out loud here, I love symlinking the rpm command to true but I could not emerge anything without it. Would it be possible to add a random path to the user to be used but only by the web browser or just you (not root).


Alex has created an ebuild based on the instructions above to help streamline the installation.

This ebuild should work with amd64 provided you can get some of the emul libs and java plugin for amd64. This has not been tested yet so if you would like to play around with it please modify the wiki and post any errors that you find.

This now appears to work with rpm so the symlink hack has been removed.

To install this ebuild follow instructions:

 # echo "PORTDIR_OVERLAY="/usr/local/portage" >> /etc/make.conf
 # mkdir -p /usr/local/portage/net-misc/juniper-vpn
 # cd /usr/local/portage/net-misc/juniper-vpn
 # nano -wc juniper-vpn-5.3.ebuild
    <copy paste the ebuild>
 # ebuild juniper-vpn-5.3.ebuild digest
 # USE="rpm" emerge -av juniper-vpn

For better instructions please see: HOWTO_Installing_3rd_Party_Ebuilds

File: net-misc/juniper-vpn/juniper-vpn-5.3.ebuild
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
# Created by Alex Barker (

inherit eutils libtool versionator linux-info

DESCRIPTION="Juniper Networks SSL VPN"

# The license is unclear.
KEYWORDS="-* ~amd64 x86"


pkg_setup() {
	# Setup kernel info for query.
	ebegin "Checking for Univesal TUN/TAP device driver support"
	linux_chkconfig_present TUN
	eend $?
	if [[ $? -ne 0 ]] ; then
		eerror "${DESCRIPTION} requires TUN/TAP support!"
		eerror "Please enable TUN/TAP support in your kernel config, found at:"
		eerror "  Device Drivers-->"
		eerror "    Network device support-->"
		eerror "      <M> Univesal TUN/TAP device driver support"
		eerror "and recompile your kernel ..."
		die "TUN/TAP support not detected!"

src_install() {
	# Default location and version number for libs.
	# Create Lib Location
	mkdir -p ${D}/${LIBCRYPT_LOC}
	# This is a dirty hack becaues they are called different 
	# names on redhat 9.
	ln -s ${D}/${LIBCRYPT_LOC}/
	ln -s ${D}/${LIBCRYPT_LOC}/
	# Add the following to /etc/ and then run ldconfig
	mkdir -p ${D}/etc/env.d/
	echo "LDPATH=\"/usr/X11R6/lib\"" >> ${D}/etc/env.d/99JuniperVPN

pkg_postinst() {
	einfo ""
	einfo "please be sure to remove any juniper networking information in your home directory."
	einfo "  rm -rf ~/.juniper_networks."
	einfo ""
Retrieved from ""

Last modified: Wed, 08 Oct 2008 16:54:00 +1100 Hits: 11,999

Created by, Luxury Homes Australia
Real estate agents should list their apartments, townhouses and units in Australia.