Connecting to SBU Computer Science Palo Alto Network GlobalProtect Gateway from Ubuntu

The following documentation is based on Ubuntu 16.04.3 LTS

  • Install the vpnc package on your system:

sudo apt-get install vpnc
$ sudo apt-get install vpnc
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  iproute vpnc-scripts
Suggested packages:
  dnsmasq openssh-server
The following NEW packages will be installed:
  iproute vpnc vpnc-scripts
0 upgraded, 3 newly installed, 0 to remove and 3 not upgraded.
Need to get 90.7 kB of archives.
After this operation, 294 kB of additional disk space will be used.
Do you want to continue? [Y/n] 
Get:1 http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 vpnc-scripts all 0.1~git20150318-1 [12.3 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 vpnc amd64 0.5.3r550-2build1 [76.0 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 iproute all 1:4.3.0-1ubuntu3.16.04.3 [2,430 B]
Fetched 90.7 kB in 0s (1,038 kB/s)
Selecting previously unselected package vpnc-scripts.
(Reading database ... 211364 files and directories currently installed.)
Preparing to unpack .../vpnc-scripts_0.1~git20150318-1_all.deb ...
Unpacking vpnc-scripts (0.1~git20150318-1) ...
Selecting previously unselected package vpnc.
Preparing to unpack .../vpnc_0.5.3r550-2build1_amd64.deb ...
Unpacking vpnc (0.5.3r550-2build1) ...
Selecting previously unselected package iproute.
Preparing to unpack .../iproute_1%3a4.3.0-1ubuntu3.16.04.3_all.deb ...
Unpacking iproute (1:4.3.0-1ubuntu3.16.04.3) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up vpnc-scripts (0.1~git20150318-1) ...
Setting up vpnc (0.5.3r550-2build1) ...
Setting up iproute (1:4.3.0-1ubuntu3.16.04.3) ...

  • Connect to CS vpn. You will be prompted for 2 sets of credentials.
    IPsec ID: cs_mobile
    IPSec secret: mobile

vpn.cs.stonybrook.edu: Use your Computer Science Active Directory user ID and password

Execute vpnc:
sudo vpnc
Enter IPSec gateway address: vpn.cs.stonybrook.edu 
Enter IPSec ID for vpn.cs.stonybrook.edu: cs_mobile
Enter IPSec secret for cs_mobile [at] vpn.cs.stonybrook.edu
Enter username for vpn.cs.stonybrook.edu: cs\{your CS Active Directory user ID}
Enter password for cs\xxx@vpn.cs.stonybrook.edu
VPNC started in background (pid: 26186)...

  • Verify your VPN connection. The tun0 interface information shows your CS VPN IP address provided by the Palo Alto Global Protect Gateway.

ifconfig
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:130.245.76.6  P-t-P:130.245.76.6  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1342  Metric:1
          RX packets:21 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:8446 (8.4 KB)  TX bytes:1980 (1.9 KB)
 

  • Disconnecting VPN connection:

sudo vpnc-disconnect