May 5, 2013

Connect to a Cisco VPN via VPNC using a .pcf configuration file

If you want to connect to a Cisco VPN from a Linux host, it's better to use the Cisco AnyConnect VPN client for Linux. It is a free client tool, but you need to log in to the Cisco website.

VPNC is a free VPN client which is capable of connecting to Cisco VPNs (3000).

Use yum to install vpnc.

# yum install vpnc NetworkManager-vpnc vpnc-consoleuser -y

It will install all the necessary packages. During installation it creates a default configuration file in the configuration directory. You need to back that file up.

# mv /etc/vpnc/default.conf /etc/vpnc/default.conf.bak

Then you need to convert the .pcf file into a vpnc configuration file. To do that, run the pcf2vpnc script that ships with vpnc.

# perl /usr/share/doc/vpnc-*/pcf2vpnc your.pcf /etc/vpnc/default.conf

After creating the configuration file you can try to connect to the VPN with:

# vpnc

It will ask for the user password:

# Enter password for youusername@your.vpn.server :

Give the password. If that succeeds, you will see a message like this.

# VPNC started in background (pid: 18957)

If you want to disconnect from the VPN, simply type:

# vpnc-disconnect

Then it will try to disconnect your session from the VPN and will give a message like this.

# Terminating vpnc daemon (pid: 18957)
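
Once the conversion above has written /etc/vpnc/default.conf, that file normally carries the VPN group secret (the vpnc keywords "IPSec secret" or "IPSec obfuscated secret") and may carry a stored user password. The shell function below is an added example, not part of the original post or of vpnc, that checks the file's permissions and owner and flags a stored password; it assumes GNU stat, and the name audit_vpnc_conf and the sample values are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a vpnc config such as /etc/vpnc/default.conf.
# audit_vpnc_conf is a hypothetical helper name; GNU stat is assumed.
# Usage: audit_vpnc_conf FILE [EXPECTED_OWNER_UID]   (uid defaults to 0, root)
# Returns 0 = no findings, 1 = findings, 2 = file not found.
audit_vpnc_conf() {
    conf=$1
    want_uid=${2:-0}
    findings=0
    [ -f "$conf" ] || { echo "ERROR: $conf not found"; return 2; }

    # vpnc keywords whose value is a credential. Only the key is matched;
    # the value is never printed.
    cred_re='^[[:space:]]*(IPSec (obfuscated )?secret|Xauth (obfuscated )?password)[[:space:]]'
    pass_re='^[[:space:]]*Xauth (obfuscated )?password[[:space:]]'

    mode=$(stat -c '%a' "$conf")   # octal permission bits, e.g. 644
    uid=$(stat -c '%u' "$conf")    # numeric owner

    # Any group/other permission bit on a file holding credentials is a finding.
    if grep -Eiq "$cred_re" "$conf" && [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $conf holds credentials but is mode $mode; chmod 600 it"
        findings=1
    fi
    if [ "$uid" -ne "$want_uid" ]; then
        echo "FAIL: $conf is owned by uid $uid, expected $want_uid"
        findings=1
    fi
    # vpnc prompts for the password when this line is absent.
    if grep -Eiq "$pass_re" "$conf"; then
        echo "WARN: $conf stores the Xauth password; delete the line to be prompted"
        findings=1
    fi
    return "$findings"
}

# Demo on a constructed file (placeholder values, not real credentials).
demo=$(mktemp)
printf '%s\n' 'IPSec gateway vpn.example.test' 'IPSec ID examplegroup' \
    'IPSec secret PLACEHOLDER' 'Xauth username exampleuser' > "$demo"
chmod 644 "$demo"
audit_vpnc_conf "$demo" "$(id -u)" || echo "findings reported for $demo"
rm -f "$demo"
```

Run it as root against /etc/vpnc/default.conf after the pcf2vpnc step; with no second argument it expects the file to be owned by root.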


Apr 22, 2013

Set up a RedHat PXE server

You need to have the following packages and services installed and running.
vsftpd
dhcpd
xinetd
tftpd
tftpd-server
system-config-netboot
Note: It is better to switch off IPTables until you complete the whole process.

First mount the RHEL DVD to the system.

Then install the vsftpd system. I will use the vsftpd-* package on the RHEL6 installation DVD.
# cd /media/rhel6/Packages
# yum localinstall vsftpd-* -y
Then start the service and enable it at startup.
# service vsftpd start
# chkconfig vsftpd on
This will install vsftpd on the system. During installation it creates the directory "/var/ftp/pub". We can create the OS installation repository in this location. It is the public folder of our FTP server.
# mkdir /var/ftp/pub/rhel6
I copy the full image to that location so we can use an FTP connection to do the installation.
# cp -r /media/rhel6/* /var/ftp/pub/rhel6
Configure a repo file to use that location as a local repository.
# vim /etc/yum.repos.d/local.repo
In that file:
[localrepo]
name= local repository
baseurl=ftp://192.168.0.10/pub/rhel6
gpgcheck=0
Then install the tftp service
# yum install -y tftp* xinetd*
Then you need to install the "system-config-netboot" package.
# wget http://mirrors.kernel.org/centos/5/os/x86_64/CentOS/alchemist-1.0.36-2.el5.x86_64.rpm
# wget http://mirrors.kernel.org/centos/5/os/x86_64/CentOS/system-config-netboot-0.1.45.1-5.el5.noarch.rpm
# wget http://mirrors.kernel.org/centos/5/os/x86_64/CentOS/system-config-netboot-cmd-0.1.45.1-5.el5.noarch.rpm
"system-config-netboot" depends on the "alchemist" package, which in turn depends on the "python-abi" package. "python-abi" requires python-2.4 to install, but RHEL6 already has the newer python-2.6. So we install "alchemist" with the --nodeps flag.
# rpm -ivh alchemist-1.0.36-2.el5.x86_64.rpm --nodeps
# rpm -ivh system-config-netboot-*
tftpd-server creates the "/tftpboot/linux-install/" directory. Now we need to edit the "/etc/xinetd.d/tftp" file to point the tftpboot path to this automatically created directory.
# vim /etc/xinetd.d/tftp
In that file:
...
# change the original "/var/lib/tftpboot" to "/tftpboot"
server_args = -s /tftpboot
...
Now run this command to generate the PXE boot item.
# pxeos -a -i "RedHat EL 6" -p FTP -D 0 -s 192.168.0.10 -L /pub/rhel6 RHEL6
This command will create a directory called "/tftpboot/linux-install/RHEL6".

Then restart the xinetd and tftp services.
# service xinetd restart
# chkconfig xinetd on
# chkconfig tftp on
Now you need to install the DHCP service. This will hand out the TFTP server details to the server that requires them.
# yum install dhcp -y
Then edit the DHCP configuration file.
# vim /etc/dhcp/dhcpd.conf
In that file:
option domain-name-servers  192.168.0.1;
allow bootp;
allow booting;

subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.100 192.168.0.200;
  option routers 192.168.0.1;
}

next-server 192.168.0.50; # name of your TFTP server
filename "linux-install/pxelinux.0"; # name of the boot loader program
Then restart the DHCP service.
# service dhcpd restart
# chkconfig dhcpd on

Put a kickstart configuration file in the FTP pub location "/var/ftp/pub/ks.cfg". Then edit the PXE boot menu file
# vim /tftpboot/linux-install/pxelinux.cfg/default
and add the kernel parameter (ks=ftp://192.168.0.10/pub/ks.cfg) for the kickstart file.
...
label 1
  kernel RHEL6/vmlinuz
  append initrd=RHEL6/initrd.img ramdisk_size=16000 method=ftp://192.168.0.10/pub/rhel6 ip=dhcp ks=ftp://192.168.0.10/pub/ks.cfg