English
Ask Your Question
3

How do I start a VPN session via the command-line? [closed]

asked 2011-12-23 00:07:24 +0000

updated 2011-12-23 00:07:46 +0000

I have a machine that I have configured to connect to a Cisco VPN network. If I'm sitting in front of the machine, I can use NetworkManager menu in Fedora 16 to connect to it. However, I'd like to initiate the VPN connection via the command-line while logged in from another machine on the same subnet network over SSH.

Is this possible, and if so, how?

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, right answer was accepted" by Artur Szymczak
close date 2013-10-02 10:29:02.242340

5 Answers

Sort by » oldest newest most voted
3

answered 2011-12-23 01:25:54 +0000

Bikehead gravatar image

Network manage has a command line interface for controlling its connections: look at nmcli and nm-tool. If VPN already works with NM on the menu bar then this is as simple as it gets.

edit flag offensive delete publish link more

Comments

Thanks for the suggestion: "nmcli con list" gave the the UUID of the VPN connection, then "nmcli con up uuid <uuid>" activated the VPN. This seemed to work when I connected remotely via SSH.

alexlan ( 2011-12-26 22:58:42 +0000 )edit
4

answered 2011-12-23 00:36:03 +0000

ztank1013 gravatar image

updated 2011-12-23 00:45:06 +0000

Use

sudo /usr/sbin/vpnc

which is the command to use if you want to star the VPN client from the command line. You will probably want to use a configuration file /etc/vpnc/default.conf similar to the following unless you want to type each time all the requested options:

IPSec gateway my.vpn.gateway
IPSec ID my.ipsec.id
IPSec secret mysecret

The above file is just an example, you may have/need additional options depending on the remote VPN server configuration.

Note about additional options:

IPSec gateway         The VPN server
IPSec ID              The group name of the VPN server
IPSec secret          The group secret of the VPN server
Xauth username        The user name of the user to login
Xauth password        Here the user's password can be inserted.
                      Because it will be saved in clear text in an
                      ASCII file, this should be avoided because of
                      security reasons

Use

sudo /usr/sbin/vpnc-disconnect

to end the vpn tunnel.

edit flag offensive delete publish link more

Comments

1

BTW, installing the vpnc-consoleuser package allows running vpnc{,-disconnect} without sudo/su.

Ved Vyas ( 2011-12-24 01:13:09 +0000 )edit
0

answered 2011-12-26 23:07:41 +0000

updated 2011-12-26 23:22:10 +0000

Thanks to the suggestion given by Bikehead, here's what worked for me, step-by-step:

  1. ssh to the remote server
  2. run: nmcli con list. This returns a list like the following which includes the UUID of the VPN connection.
    NAME                   UUID                                     TYPE              TIMESTAMP-REAL                    
    System foobar (wlan2)  12323e-535e-c25b-43443-243434a6501   802-11-wireless   Mon 26 Dec 2011 05:56:45 PM EST   
    eth0 192.168.2.50      777776bd0-0bb0-7ffb-45f1-d6edd65f3e03   802-3-ethernet    Sun 17 Apr 2011 07:54:53 PM EDT   
    Connection to VPN from Outside e923399-0b97-4dbe-8199-434343437b   vpn               Mon 26 Dec 2011 05:56:45 PM EST 
  1. Actually activate the VPN using (this seems to require root access):

    sudo nmcli con up uuid e923399-0b97-4dbe-8199-434343437b

  2. Test logging into a server behind the VPN:

    ssh foobar@server.behind.vpn.com

The only problem is that the connection appears to be short-lived. As soon as I disconnect as above, the VPN connection appears to stop.

edit flag offensive delete publish link more

Comments

When you created the VPN connection in NM did you select "Available to all users" checkbox? I have this selected and the VPN connection stays up when I log out.

Bikehead ( 2011-12-31 16:18:58 +0000 )edit

haven't tested that yet, will do so and report back

alexlan ( 2012-01-25 01:22:44 +0000 )edit

It worked for me. Here what I was wanting. From a remote computer (A) with DHCP I would like to ssh another cpu remotelly (B) that only accept vpn connecting. Following these steps, my problem was solved! Thanks alexlan! By the way, VPN on A must be working propoerty.

farasipe ( 2013-02-23 14:01:20 +0000 )edit
0

answered 2012-11-05 12:11:22 +0000

alanwade gravatar image

updated 2013-09-10 07:32:56 +0000

SSH tunnels offer a method to bypass firewalls that command sure web services – farewell as a website permits outgoing connections. As an example, at workplace users is also blocked by some firewalls to access to social websites like facebook and youtube directly through eighty ports. However users might not would like to possess their internet traffic blocked by the firewalls and filters and want to be ready to unblock facebook and youtube. If users will hook up with AN external SSH server, they will produce AN SSH tunnel to forward a given port on their native machine to port eighty on an overseas internet server to bypass those firewalls and filters to unblock facebook and youtube.

edit flag offensive delete publish link more
0

answered 2013-10-02 09:54:26 +0000

Radek gravatar image

Is there a way how to provide secrets/credentials using nmcli for VPN?

edit flag offensive delete publish link more

Comments

please start new question

Artur Szymczak ( 2013-10-02 10:29:21 +0000 )edit

Use your votes!

  • Use the 30 daily voting points that you get!
  • Up-vote well framed questions that provide enough information to enable people provide answers.
  • Thank your helpers by up-voting their comments and answers to your questions.
  • Down-voting might cost you karma, but you should consider doing so for incorrect or clearly detrimental questions and answers.

Question tools

Follow
2 followers

Stats

Asked: 2011-12-23 00:07:24 +0000

Seen: 14,603 times

Last updated: Oct 02 '13