CISCO VPN does not work

Asked by Neil

Secure VPN Connection terminated locally by the Client
Reason: Failed to establish a VPN connection.
There are no new notification messages at this time.

I am using the Cisco VPN client

Question information

Language: English
Status: Answered
For: Ubuntu
Assignee: No assignee
Neil (neil-ghosh) said :
#1

It doesn't even ask me for a username and password

James Tait (jamestait) said :
#2

From your question it sounds as though you're using an official Cisco VPN client. There is an alternative called vpnc which is available in the Ubuntu repository and has a Network Manager plugin available (network-manager-vpnc) if you use Network Manager. I've used it on a daily basis in the past and had only one problem (with dead peer detection). Be aware that the problem (see https://bugs.edge.launchpad.net/ubuntu/+source/vpnc/+bug/93413) may have re-surfaced in the default configuration as of Hardy (I think), but that dead peer detection can be disabled to work around it.

Neil (neil-ghosh) said :
#3

Thanks James for replying.
Yes, I am using the Cisco client provided by my company, which is a preconfigured RPM file.
I converted it to a .deb file (using alias) and installed it in Ubuntu.

All the configuration is in .PCF files in the Profiles directory.
Now I have installed vpnc as well, but I don't know how to use .PCF files with it.
Is there any way to configure vpnc manually, referring to the PCF files?

Neil (neil-ghosh) said :
#4

http://www.blog.arun-prabha.com/2006/11/16/installing-cisco-vpn-and-vpnc-in-ubuntu/

Neil (neil-ghosh) said :
#5

I created a conf file and put in all the details according to the article.

I connected Cisco from Windows and noted down the server address. I used the same profile everywhere.

It didn't work :( saying No response from target

James Tait (jamestait) said :
#6

OK, let's try and rule out some possibilities:

 * Did you verify the IP address? Can you get it verified by a sysadmin or someone?
 * Is there a firewall between you and the remote host that might be blocking you?
 * Did you try pcf2vpnc (/usr/share/vpnc/pcf2vpnc)?
 * What output do you see if you up the debug level to 3?

Hopefully that should help to steer us in the right direction.

Neil (neil-ghosh) said :
#7

I will try to verify the IP address, but I am afraid they will help me regarding this, because we use XP as standard. I am using Ubuntu at home because I am used to it and don't want to switch to XP just because of this.

 * Anyway, I converted the pcf to a conf file but got the following error while connecting:
vpnc-connect was built without openssl: Can't do hybrid or cert mode.

 * How do I check if there is any firewall or not in Ubuntu 8.10?
 * How do I set the debug log level to 3?

Sample output I attempted

neil@neil-laptop:/usr/share/vpnc$ sudo vpnc-connect --debug 3 /etc/vpnc/c.conf
vpnc-connect was built without openssl: Can't do hybrid or cert mode.
neil@neil-laptop:/usr/share/vpnc$ sudo vpnc-connect --debug 3 /etc/vpnc/c.conf
vpnc-connect was built without openssl: Can't do hybrid or cert mode.
neil@neil-laptop:/usr/share/vpnc$ sudo vpnc-connect --debug 99 /etc/vpnc/c.conf
vpnc-connect was built without openssl: Can't do hybrid or cert mode.
neil@neil-laptop:/usr/share/vpnc$

James Tait (jamestait) said :
#8

Your attempts to set the debug level appear correct. I often use the --no-detach option when trying to debug things, but it's not strictly necessary.

I'm more concerned by the error message you're seeing. It appears as though the converted pcf file is indicating that certificate or hybrid mode must be used and that the Ubuntu packages are not compiled with support for it. In the output from vpnc --long-help I see the following:

  --auth-mode <psk/cert/hybrid>
      Authentication mode:
       * psk: pre-shared key (default)
       * cert: server + client certificate (not implemented yet)
       * hybrid: server certificate + xauth (if built with openssl support)
    Default: psk
  conf-variable: IKE Authmode <psk/cert/hybrid>

I've verified that the vpnc in the Ubuntu packages is not explicitly linked against OpenSSL, although I believe it is possible to dynamically load it on demand at runtime and I haven't looked at the code yet to see if that is done -- the comment suggests not.

So if your administrator has configured your VPN to use server + client certificate or server certificate + xauth, which appears to be the case given the error message, this version of vpnc will not work for you. This is a shame, but it may be possible to get a version compiled against openssl, which would help if the config specifies hybrid mode. I can take a look into that if you can confirm that your configuration specifies "IKE Authmode hybrid". Failing that, it looks like we're back to debugging the problem with the Cisco VPN client, which I have no knowledge of and obviously can't look at the source code of.
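
The check requested in answer #8 ("IKE Authmode hybrid"), as an added example that is not part of the original thread: a shell helper that reads a vpnc config and reports whether the requested mode can work on a build without OpenSSL, following the --long-help text quoted above. The function names and the sample config are hypothetical; it assumes key matching is case-insensitive and that lines starting with # are comments.

```shell
#!/bin/sh
# Added example: classify the "IKE Authmode" of a vpnc config against the
# three modes listed in the vpnc --long-help output (psk, cert, hybrid).

# Print the effective auth mode of a vpnc config file; psk is the default.
vpnc_authmode() {
    awk '
        { sub(/\r$/, "") }                 # tolerate CRLF from converted .pcf files
        /^[ \t]*#/ { next }                # skip comment lines
        tolower($0) ~ /^[ \t]*ike[ \t]+authmode[ \t]/ {
            mode = tolower($NF)            # last field on the line is the mode
        }
        END { print (mode == "" ? "psk" : mode) }
    ' "$1"
}

# Exit status: 0 = works without OpenSSL, 1 = needs an OpenSSL build,
# 2 = not implemented in vpnc, 3 = unrecognised value or unreadable file.
vpnc_authmode_check() {
    mode=$(vpnc_authmode "$1") || return 3
    case "$mode" in
        psk)    echo "$1: psk, usable without OpenSSL"; return 0 ;;
        hybrid) echo "$1: hybrid, needs vpnc built with OpenSSL"; return 1 ;;
        cert)   echo "$1: cert, not implemented in vpnc"; return 2 ;;
        *)      echo "$1: unrecognised IKE Authmode: $mode"; return 3 ;;
    esac
}

# Constructed sample config (placeholder gateway and group, not from the thread).
sample=$(mktemp)
cat > "$sample" <<'EOF'
IPSec gateway vpn.example.invalid
IPSec ID examplegroup
# IKE Authmode psk
IKE Authmode hybrid
EOF
vpnc_authmode_check "$sample" || echo "exit status: $?"
rm -f "$sample"
```

Run `vpnc_authmode_check /etc/vpnc/c.conf` against the converted file; a status of 1 or 2 corresponds to the "Can't do hybrid or cert mode" error shown in the thread.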
