Gentoo Wiki ArchivesGentoo Wiki

Juniper

This is about setting up a Juniper SSL Network Connect VPN.

Contents

Preliminary Testing

Make sure you have Sun's Java JRE installed. Blackdown and others may not work. Sun-jre-bin also works. Note, this article may be 32-bit specific, however there is a discussion about how to get a 64-bit Java environment working with the Juniper SSL VPN on the Gentoo Forums.

Warning: If you are a Mozilla Firefox user and are experiencing troubles, please be sure you have a working Java environment. Recent versions of Mozilla Firefox have known issues with Java. Mozilla Firefox 2.0.x is supported.
  1. First, head on over to your Juniper SSL VPN's portal website.
  2. Add this portal website to your browser's whitelist for launching popups. (There will be one small one, which initiates the VPN connection. This will also display information about the connection.)
  3. Click on "Network Connect"
  4. Enter root password when prompted.
  5. A window will likely popup saying there are some issues. Take note of them.

With any luck, you will see that you are "missing" a few requirements.

libXm.so.3
libssl.so.2
libstdc++-libc6.2-2.so.3
libcrypto.so.2

Prerequisites

Emerge the following ebuilds. (Don't worry about version numbers, just use the latest stable.)

Recompile the kernel, if necessary, with the following enabled (as a module or monolithicly)

Device Drivers-->
   Network device support-->
      <M> Univesal TUN/TAP device driver support

If you compiled it as a module, remember to mobprobe tun or add it to /etc/modules.autoload.d/kernel-2.6.

Setup

ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so.2
ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.2

ln -s /usr/lib/libssl.so /usr/lib/libssl.so.2
ln -s /usr/lib/libcrypto.so /usr/lib/libcrypto.so.2


And the following if you are using lesstif:

ln -s /usr/lib/libXm.so.2 /usr/lib/libXm.so.3


/usr/X11R6/lib

RPM issue

Because this software was originally desinged for Redhat 8 or something archaic like that it requires /usr/bin/rpm to install. It doesn't actually use rpm to install itself but just to check if some of the packages it needs are installed. There are two ways to handle this.

The first way is the correct way, but this method will cause the software to throw a package not found error but still function correctly.

emerge -av app-arch/rpm

The second method is a dirty dirty hack and may/will cause issues in the future, but the program to execute without error. Please use with caution!

ln -s /bin/true /usr/bin/rpm
rm -rf ~/.juniper_networks

Head on over to your portal page again, and launch "Network Connect." It should run without any problems.

Thinking out loud here, I love symlinking the rpm command to true but I could not emerge anything without it. Would it be possible to add a random path to the user to be used but only by the web browser or just you (not root).

Ebuild

Alex has created an ebuild based on the instructions above to help streamline the installation.

This ebuild should work with amd64 provided you can get some of the emul libs and java plugin for amd64. This has not been tested yet so if you would like to play around with it please modify the wiki and post any errors that you find.

This now appears to work with rpm so the symlink hack has been removed.

To install this ebuild follow instructions:

 # echo "PORTDIR_OVERLAY="/usr/local/portage" >> /etc/make.conf
 # mkdir -p /usr/local/portage/net-misc/juniper-vpn
 # cd /usr/local/portage/net-misc/juniper-vpn
 # nano -wc juniper-vpn-5.3.ebuild
    <copy paste the ebuild>
 # ebuild juniper-vpn-5.3.ebuild digest
 # USE="rpm" emerge -av juniper-vpn

For better instructions please see: HOWTO_Installing_3rd_Party_Ebuilds

File: net-misc/juniper-vpn/juniper-vpn-5.3.ebuild
 
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
# Created by Alex Barker (abarker@callutheran.edu)

inherit eutils libtool versionator linux-info

DESCRIPTION="Juniper Networks SSL VPN"
HOMEPAGE="http://www.juniper.net/products_and_services/ssl_vpn_secure_access/"
SRC_URI=""

LICENSE="Juniper"
# The license is unclear.
RESTRICT="nomirror"
SLOT="0"
KEYWORDS="-* ~amd64 x86"
IUSE=""

DEPEND=""
RDEPEND="${DEPEND}
	dev-libs/openssl
	sys-libs/lib-compat
	sys-libs/zlib
	>=virtual/jre-1.4.2
	x11-libs/openmotif
	app-arch/rpm"

pkg_setup() {
	# Setup kernel info for query.
	linux-info_pkg_setup	
	
	ebegin "Checking for Univesal TUN/TAP device driver support"
	linux_chkconfig_present TUN
	eend $?
	
	if [[ $? -ne 0 ]] ; then
		eerror "${DESCRIPTION} requires TUN/TAP support!"
		eerror "Please enable TUN/TAP support in your kernel config, found at:"
		eerror
		eerror "  Device Drivers-->"
		eerror "    Network device support-->"
		eerror "      <M> Univesal TUN/TAP device driver support"
		eerror
		eerror "and recompile your kernel ..."
		die "TUN/TAP support not detected!"
	fi
}

src_install() {
	# Default location and version number for libs.
	LIBCRYPT_LOC="/usr/lib"
	
	# Create Lib Location
	mkdir -p ${D}/${LIBCRYPT_LOC}
	
	# This is a dirty hack becaues they are called different 
	# names on redhat 9.
	ln -s libssl.so ${D}/${LIBCRYPT_LOC}/libssl.so.2
	ln -s libcrypto.so ${D}/${LIBCRYPT_LOC}/libcrypto.so.2
	
	# Add the following to /etc/ld.so.conf and then run ldconfig
	mkdir -p ${D}/etc/env.d/
	echo "LDPATH=\"/usr/X11R6/lib\"" >> ${D}/etc/env.d/99JuniperVPN
}

pkg_postinst() {
	einfo ""
	einfo "please be sure to remove any juniper networking information in your home directory."
	einfo "  rm -rf ~/.juniper_networks."
	einfo ""
}
  
Retrieved from "http://www.gentoo-wiki.info/Juniper"

Last modified: Wed, 08 Oct 2008 16:54:00 +1100 Hits: 11,329

Created by NickStallman.net, Luxury Homes Australia
Real estate agents should list their apartments, townhouses and units in Australia.