VPN: Difference between revisions

From Han Wiki
Jump to navigation Jump to search
iwu
 
No edit summary
Line 1: Line 1:
Connecting to a VPN that uses Juniper Pulse Secure client.
= Juniper Pulse Secure client =
 
{{testedon|2020-04-22|CentOS 7.7.1908}}
 
First, get the CA certificate file to get rid of the following error:
 
<code>Server certificate verify failed: signer not found</code>
 
<source lang="console">
echo -n | openssl s_client -connect vpn.myuniversity.edu:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/certs/myschool-vpn-cafile.crt
</source>
 
Then grab the --servercert sha256:whateverhexcodehere that shows up when you execute the following line:
 
<source lang="console">
$ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --juniper https://vpn.myuniversity.edu
</source>
 
Disconnect using <code>ctrl-c</code> and then add the --servercert param:


<source lang="console">
<source lang="console">
$ sudo openconnect --authgroup=colleges --user=skan --juniper https://vpn.myuniversity.edu
$ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --servercert sha256:043c3a132f34d87ba8c507f21d775a08dc1d85aa3f2d782996d66d17865af2e0 --juniper https://vpn.myuniversity.edu
</source>
</source>

Revision as of 10:14, 22 April 2020

Juniper Pulse Secure client

  • Last tested on CentOS 7.7.1908 (2020-04-22)

First, get the CA certificate file to get rid of the following error:

Server certificate verify failed: signer not found

echo -n | openssl s_client -connect vpn.myuniversity.edu:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/certs/myschool-vpn-cafile.crt

Then grab the --servercert sha256:whateverhexcodehere that shows up when you execute the following line:

$ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --juniper https://vpn.myuniversity.edu

Disconnect using ctrl-c and then add the --servercert param:

$ sudo openconnect --authgroup=colleges --user=skan --cafile=/home/skan/certs/server --cafile=/home/skan/certs/myschool-vpn-cafile.crt --servercert sha256:043c3a132f34d87ba8c507f21d775a08dc1d85aa3f2d782996d66d17865af2e0 --juniper https://vpn.myuniversity.edu