Wednesday, 11 April 2012

Juniper VPN in Fedora

Whilst I am not a fan of Juniper Network Connect in the last few years I have had to connect to several networks that use it.  The biggest problem with it is that it is a combination of Java and a 32bit C library which will not work when executed with a 64bit version of Java.
There are other ways of connecting such as the Mad Scientist script but if you use things like two-factor authentication this will not work.  So I brought together things I have learnt from web postings about getting it to work in Ubuntu and have created these steps.  They work in Fedora 17 and should work in 16 too:

Step 1

We need to install OpenJDK Java, we also need xterm for the root password during installation:
sudo yum install java-1.7.0-openjdk.i686 java-1.7.0-openjdk.x86_64 icedtea-web xterm

Step 2

Now we need to tell Java to execute the Juniper binaries in 32bit mode but everything else in 64bit mode, to do this we first rename the 64bit Java binary:
cd /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/
mv java java.orig

Then create a replacement file called “java” with the following:
#!/bin/bash
if [ $3x = "NCx" ]
then
    /usr/lib/jvm/jre-1.7.0-openjdk/bin/java "$@"
else
    /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java.orig "$@"
fi

Finally make this executable:
sudo chmod +x java

Step 3

Log on to your VPN's website as normal, an xterm session will pop up for your sudo password the first time you use this to install it.

6 comments:

  1. Does this setup still work for you? It used to work for me too but after a new installation of F17 with all updates I haven't been able to make it work. Our version of Juniper Network Connect is:

    Juniper Connect v7.1
    7.1-9-Build20893

    I am running a fully up to date Fedora 17 x86_64 and otherwise the same configuration as your post describes.

    Thank you.

    ReplyDelete
  2. Hi Michael,

    I think the paths have changed in recent OpenJDK releases but this was working for me in Juniper 7.0 in Fedora 17. Unfortunately I am now using Mint instead due to some needed drivers that have broken in a recent Fedora update.

    I have been informed that Juniper 7.2 will support 64bit Fedora 17 natively. I really do hope that is true.

    ReplyDelete
  3. Hi Linuxjedi,
    thanks for your detailed steps ..
    I followed it and was able to get up to the popup where I enter my sudo password.
    After that nothing happened .. I didn't get the network connect window
    what could be my problem ?

    using: Fedora 17, Juniper Connect v7.1
    Any help is much appreciated.
    Khalid.

    ReplyDelete
  4. Hi Khalid,

    Likely problems are:

    1. One of the paths are wrong in the bash script
    2. You didn't make the script executable which chmod +x (I personally keep forgetting to do this)
    3. Check that resolvconf is creating an /etc/resolv.conf (although I've only seen this issue in Ubuntu based distros)

    Best place to start if it is none of those is see where the /etc/alternatives/java symlink is pointing. If it isn't "/usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java" then that is probably why.

    ReplyDelete
  5. Shaun Says,
    Actually this is my first time to know about Juniper VPN in Fedora. I hope that provided steps and direction will help me to try it out. Thanks for this handy direction and I hope that you will help me if I will face any problem while will try.

    ReplyDelete