Aladdin eToken & vpnclient.

Installation, configuration and troubleshooting of the Cisco VPN Client on Linux systems

Aladdin eToken & vpnclient.

Postby apmari » Tue Sep 23, 2008 12:33 pm

Hi ppl!
first of all thanks for the topic "Cisco VPN client freezes computer when using wireless wlan0". It solved me an issue.

Second, a question.
Did someone configure the vpnclient to work with Aladdin USB eToken with an private PKI?
Regards,
apm
apmari
Private
Private
 
Posts: 1
Joined: Tue Sep 23, 2008 12:25 pm

Re: Aladdin eToken & vpnclient.

Postby tuxx-home.at » Mon Oct 13, 2008 2:41 pm

No, sorry, I haven't used such a configuration by now.

But we might be able to work it out, if you like.
Can you mount the USB key and have file level access to the certificates on it?
User avatar
tuxx-home.at
Supreme Commander
Supreme Commander
 
Posts: 2199
Joined: Mon Jan 01, 2007 12:51 pm
Location: Vassach - Austria - Europe

Re: Aladdin eToken & vpnclient.

Postby pcapazzi » Thu May 14, 2009 5:17 am

You probably already found the answer to the vpnclient freezing over wireless. I went through that. It's due to a bug with the vpnclient mixed with dual core processors. Before booting disable dualcore processing (I do it by BIOS, you can do it my maxcpus param during boot I think... look it up). Anyway, I know disabling it in BIOS works.

The next thing is what I need help with, the eToken. I'm trying to get this running. I've made some progress where at least the eToken lights up. It's not the easiest to get to...

I have the Aladdin eToken Pro 32k. The steps I took on Ubuntu 9.04 is to install opensc and openct. To be honest I don't know if it's dependent on these, but it's one of the steps I took while reading things on the web.

The second thing which is more difficult is the Aladdin middleware. It seems to be supported for RedHat, SUSE, and Fedora. Look for Linux_MW_Release or
etoken-3-60.14-linux-i386. I'm pretty sure there's one line you have to change in a file if you're going to install on Ubuntu because it checks for the distribution names.

You have to edit the Installer.pm file as detailed in this link:
http://ubuntuforums.org/archive/index.php/t-452273.html

As soon as I ran ./petoken install the red light illuminated on the card which is good.

I then also ran opensc-explorer and opensc-tool to view contents and other info.

If I find anything more I'll post it.

Some links:
https://www.kaspersky.com/vpnhelp/other ... html#linux
http://www.etokenonlinux.org/et/HowTos/eToken_on_debian
http://ubuntuforums.org/archive/index.php/t-452273.html
http://www.nikhef.nl/pub/projects/grid/ ... rtificates
http://www.nikhef.nl/pub/projects/grid/ ... th_firefox

If you make progress please write about it... thanks!

Pete
pcapazzi
Private
Private
 
Posts: 1
Joined: Thu May 14, 2009 4:50 am

Re: Aladdin eToken & vpnclient.

Postby varu0612 » Fri Jun 19, 2009 6:06 pm

HI,

In the last few days i've been trying to get the cisco vpn client working with eToken and i just found out after etoken was recognized by my CentOS 5.2 distro that Cisco VPN client 4.8 doesn't support smart cards on Linux.

Is it a way of re-writing the client so it can recognize the etoken? I understood that on MS the client is using the CAPI API to read from the etoken.

When the etoken is accessible i can't see it using mount command or access the files. The only way i can access the etoken is using the PKI Client.

I'm planning to write a note how to get the client working with digital certificates.

Regards
varu0612
Private
Private
 
Posts: 6
Joined: Fri Jun 12, 2009 6:35 pm


Return to Cisco VPN Client on Linux systems

Who is online

Users browsing this forum: No registered users and 3 guests

cron