I am able to use the FirePass web interface without the plugin to have a remote access experience like Cisco's WebVPN - but I'd really like to have full network connectivity. Did you have to do anything special to get vpnc to work in OS2008? I was under the impression that it didn't work in OS2008 yet. This could be an option for me...especially if it can use certs for authentication. Thanks, Matt ----- Original Message ----- From: "Wayne Fiori" <dev9null at gmail.com> To: "Matthew Alexander" <ma4d at hotmail.com> Cc: <maemo-users at maemo.org> Sent: Monday, January 07, 2008 5:39 PM Subject: Re: Web (SSL) VPN on n810 > I've been using the N800 with Cisco's WebVPN (via an ASA). It is a > completely clientless VPN application and work perfectly with the > OS2008 web browser and OS. (I'm also using vpnc with OS2008) > > The F5 SSL VPN is much more resource demanding. It essentially uses > SSL in an manner to make it identical to IPSec. That's why it is > asking for something to be installed on the client. Talk with your > network admin about the need for this plugin. It might not be > necessary for authentication/authorization or basic communication. The > plugin is likely necessary for IPSec-like functionality. > -- > =Wayne > > On Jan 7, 2008 2:19 PM, Matthew Alexander <ma4d at hotmail.com> wrote: >> >> >> Has anyone had experience getting a browser-based SSL VPN to work on the >> n810? Our company uses F5 FirePass which created a browser plugin to >> connect to its VPN hardware. I tried to install a plugin both through >> the >> browser and manually as root with the terminal and had no luck. The >> components are all in the right places and have the right permissions >> according to F5 but the browser just does not seem to recognize the >> plugin. >> F5's directions are below. Any help will be greatly appreciated. I'm >> going >> to have to return this to Nokia if I can't access my work network with >> it. >> >> It is supported on these platforms: >> >> >> Linux (see instructions above for Linux/Unix) >> >> Workstations with libc version 2 and later >> Kernel support for PPP interfaces (loadable module or statically built >> in) >> PPPD program in the /sbin directory >> Supported Linux platforms: >> Debian(R) 3.1r0 >> Fedora " Core 2 >> Fedora " Core 3 >> Fedora " Core 4 >> Red Hat(R) 9.0 >> Slackware(R) 10.1 >> SuSE(R) 9.x Professional >> TurboLinux(R) Desktop >> >> Supported browsers >> >> Firefox(R) 1.0.x >> HP(R) iPAQ 4155, Version 4.20.0 - Windows(R) Mobile 2003, First Edition >> -i-mode phone >> Microsoft(R) Internet Explorer, version 5.0, 5.5, or 6.0 >> Microsoft(R) Pocket PC 2003 and Microsoft(R) Pocket PC Phone Edition 2003 >> Mozilla(R) version 1.7.x >> Netscape(R) Navigator, version 4.7x or 7.x >> OpenWave(R) WAP browser >> Mozilla(R) version 1.7.x on Apple(R) Mac OS(R) X 10.2.x systems >> Safari(R) version 1.2 on Apple(R) Mac OS(R) X 10.3.x systems >> Safari(R) version 2.0 on Apple(R) Mac OS(R) X 10.4.x systems >> FirePass 5.5 supports the Safari(R) browser for automatically installing >> the >> network access client. You must manually install the Macintosh network >> access client when using other browsers. >> Toshiba(R) E800, Version 4.20.1081 >> Windows(R) Mobile"2003, First Edition >> XDA(R) II, Windows(R) Mobile" 2003 First Edition >> >> Here are the installation instructions: >> >> >> >> -------------------------------------------------------------------------------- >> >> When you use Network Access for the very first time on a remote system >> using >> recent versions of Netscape or Mozilla browsers, the automatic plug-in >> installation mechanism downloads the Network Access client-side >> components. >> >> There are two components: the plug-in itself, and a standalone >> application >> that needs to run with root privileges. Therefore, it must be installed >> on >> the remote system as a suid root application. >> >> The plug-in installation process tries to use 'su' or 'sudo' utilities to >> elevate user privileges to perform the installation. Sometimes, due to >> policy restrictions, these privileges are unavailable. In this case, you >> can >> download the plug-in and other components, and install them manually. >> >> -------------------------------------------------------------------------------- >> >> To install the Network Access plug-in manually, download the plugin and >> the >> SSLVpn.tgz file from the following locations: >> >> Plugin-- >> https://vpn.emory.edu/vdesk/vpn/nogzip/downloads.php/linux/np_F5_SSL_VPN.so >> >> Other components-- >> https://vpn.emory.edu/vdesk/vpn/nogzip/downloads.php/linux/SSLVpn.tgz >> >> SSLVpn.tgz contains the full paths to the application files (under >> /usr/local/lib). Do not attempt to install these in a different >> directory. >> For security reasons, it is important to preserve all the directories >> permissions and ownership of the files included in the package (and, of >> course, to make sure that the svpn application is suid root). This >> command: >> >> cd /; tar xpzvf >> >> should do the job on most systems. >> >> [root at mybox]# cd /; tar xpzvf /downloads/SSLVpn.tgz >> >> usr/local/lib/F5Networks/SSLVPN/ >> usr/local/lib/F5Networks/SSLVPN/svpn >> usr/local/lib/F5Networks/SSLVPN/etc/ >> usr/local/lib/F5Networks/SSLVPN/etc/version.txt >> usr/local/lib/F5Networks/SSLVPN/var/ >> usr/local/lib/F5Networks/SSLVPN/var/log/ >> usr/local/lib/F5Networks/SSLVPN/var/run/ >> >> You can install the plug-in np_F5_SSL_VPN.so for a particular user (for >> example, in the directory $HOME/.mozilla/plugins) or system-wide (for >> example, in /usr/local/lib/mozilla/plugins). >> >> cp np_F5_SSL_VPN.so /usr/local/firefox/plugins/ >> >> Restart your browser. >> >> -------------------------------------------------------------------------------- >> >> To uninstall Network Acces client-side components from the system, simply >> remove (recursively) >> >> the directory /usr/local/lib/F5Networks/SSLVPN, and >> the plug-in from the installed location. >> >> >> _______________________________________________ >> maemo-users mailing list >> maemo-users at maemo.org >> https://lists.maemo.org/mailman/listinfo/maemo-users >> >> >
