09-24-2011 12:14 PM - edited 09-26-2011 10:08 PM
I'm running into problems trying to VPN to my work place with Juniper network connect. Also using firefox on gentoo. I was hoping someone might have an idea of what's happening. Here's as much info as I could find.
~/.juniper_networks $ ./network_connect/ncsvc --version Juniper Network Connect Server for Linux. Version : 6.5 Release Version : 6.5-0-Build15977 Build Date/time : Jun 4 2010 12:32:46 Copyright 2001-2008 Juniper Networks
Here's my ./dsHCLauncher_linux1.log. This seems to show the prob, but now sure how to fix it.
../common/Secure:1183 (09/23 19:37:38.816)[applet-SecureHCLauncher.class-1] (19:37:38:811)[SLA][thread applet-SecureHCLauncher.class-1] --------------------------------------------------
--- ../common/Secure:1183 (09/23 19:37:38.822)[applet-SecureHCLauncher.class-1] (19:37:38:822)[SLA][thread applet-SecureHCLauncher.class-1] Parameter0=action=setcookie;interval=0;process_tim eout=20;failurl=;cert_md5=1da41d27f898372ab26794e1 b778a317;hash_key=06f23f73c642837ab7c12ecbe431b75d 1382bad1;id=ffed1bas832343badb5af7a08766ab48428ef3 6e28;logging=1 ../common/Secure:1185 (09/23 19:37:38.822)[applet-SecureHCLauncher.class-1] (19:37:38:822)[SLA][thread applet-SecureHCLauncher.class-1] *** ERROR *** EXCEPTION : null java.lang.Exception: Cound not find null/narport.txt; cannot send null action to Host Checker at SecureHCLauncher.openCommandSocket(SecureHCLaunche r.java:420) at SecureHCLauncher.sendAction(SecureHCLauncher.java: 448) at SecureHCLauncher.start(SecureHCLauncher.java:194) at sun.plugin2.applet.Plugin2Manager$AppletExecutionR unnable.run(Plugin2Manager.java:1698) at java.lang.Thread.run(Thread.java:662) ../common/Secure:1183 (09/23 19:37:38.823)[applet-SecureHCLauncher.class-1] (19:37:38:823)[SLA][thread applet-SecureHCLauncher.class-1] OnFinished=setcookie_done
Here I'm running the .juniper_networks/network_connect/ncdiag and even though there's lots of ping failures, I get out on the internet just find w/ this machine.
~/.juniper_networks/network_connect $ ./ncdiag -A NC Diagnostics for Linux. Version 1.0. Release Date/Time: Jun 4 2010 12:32:48 +=================================================
=============================+ | Tests: | Results: | +================================================= =============================+ o NC Installation Check Failed o NC Diagnostics NC Service Not Running NC Driver Test Passed NC Tunnel Test Not established o Host Details Hostname Numbers Domainname (none) IP Routing Enabled Yes IP Loopback test Passed Nameserver Details 220.127.116.11 Ping Failed 18.104.22.168 Ping Failed Gateway Ping Test 192.168.1.1 Ping Passed o Network Connection Diagnostics Interface: lo IP Address: 127.0.0.1 Netmask: 255.0.0.0 MTU: 16436 Interface: eth0 IP Address: 192.168.1.11 Netmask: 255.255.255.0 Broadcast: 192.168.1.255 MTU: 1500 Interface: br0 IP Address: 192.168.100.254 Netmask: 255.255.255.0 Broadcast: 192.168.100.255 MTU: 1500 o Route Info Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo 0.0.0.0 192.168.1.1 0.0.0.0 UG 2 0 0 eth0 Finished running tests +================================================= =============================+
$ sudo eselect java-nsplugin list Available 32-bit Java browser plugins  emul-linux-x86-java-1.6 current  emul-linux-x86-java-1.6-old_oji Available 64-bit Java browser plugins  icedtea6-bin  sun-jdk-1.6 current  sun-jre-bin-1.6
$ sudo java-config -L The following VMs are available for generation-2: 1) Sun 32bit JRE 22.214.171.124 [emul-linux-x86-java-1.6] 2) IcedTea6-bin 1.10.3 [icedtea6-bin] *) Sun JDK 126.96.36.199 [sun-jdk-1.6] 4) Sun JRE 188.8.131.52 [sun-jre-bin-1.6]
09-26-2011 09:58 PM
Not sure how to disable the "hostcheck for this role". I'm not the admin. Just trying to log into my place of work. They don't know much about linux.
When I get to the page that shows "Network Connect" under "Client Application Sessions" in firefox, I then press the "start" button, but the same page just reappears.
09-27-2011 05:48 AM
You will need to talk to the SA admin as the Host Checker is probably searching for Windows-specific components. If they agree to allow Linux to connect with Network Connect to the network they should configure the SA to allow it, the HC for Linux can check Ports, Processes and Files while HC for Windows has many more checks it can perform.
You must explicitly create policies for each operating system you want to
allow. For example, if you create a Windows Host Checker policy, but don't create
one for Mac or Linux, users who sign into the IVE from a Mac or Linux machine
will not comply with the Host Checker policy and therefore will not be able to
access the realm, role, or resource on which you enforce Host Checker."
On Linux systems, Host Checker is not supported when launching Network
Connect through ncsvc."
If there is difficulty getting NC to connect they could try enabling JSAM access for Linux.