Juniper VPN setup in RaspberryPi 3

  • Juniper VPN setup in RaspberryPi 3

    Hello friends. I have tried to setup a Juniper VPN in a RaspberryPi 3 using pi64 as operating system, because the necessity of execute Juniper binaries that are not available for ARM architecture with the official Raspbian image. Following some tutorials like this: I tried first to do it with the icedtea-plugin to get the .jar files and searching a way with the offical Oracle Java Plugin, but only through icedtea is the option available for RaspberryPi and always fail during the Java API execution. After this, I tried with this great page of Arch Wiki following the content “Manual installation of msjnc”: but not success. Finally and currently I am trying these steps of a workmate:

    1. Install the next packages as root:

    aptitude install stoken libc6:i386 zlib1g:i386 libgtk2-perl libwww-perl qemu libstdc++6:i386 libxext6:i386 libxrender1:i386 libxtst6:i386 libxi6:i386 build-essential cmake pcap-dev linux-headers-[latest]

    2. Import the .sdtid file of our VPN with stoken as pi user:
    $ stoken import –file file_name.sdtid

    3. Create the Juniper network_connect directory as pi user:
    $ mkdir -p ~/.juniper_networks/network_connect

    4. Enter with Iceweasel to the URL of our customer login resource to obtain the ncLinuxApp.jar and download it.

    5. Move ncLinuxApp.jar file to  ~/.juniper_networks/network_connect as pi user:
    $ mv /home/pi/Downloads/ncLinuxApp.jar /home/pi/.juniper_networks/network_connect

    6. Unzip the ncLinuxApp.jar file as pi user:
    $ unzip ncLinuxApp.jar

    7. Set the necessary privileges as root in the next files inside /home/pi/.juniper_networks/network_connect:

    chown root:root ncsvc

    chmod 6711 ncsvc

    chmod 744 ncdiag

    chmod +x

    8. Obtain the customer VPN certificate as pi user:
    $ ./ file_name.cert

    9. Execute the next command as root:

    echo 0 | tee /proc/sys/net/ipv6/conf/default/router_solicitations

    10. And finally execute the connection to the VPN as pi user:
    $ stoken --pin pin_number
    $ ./ncsvc -h -u user_name -p 84535943(token_code) -r BlackBerry -f ./file_name.cert -U ‘

    And when the execution finish, the next message appear in the shell prompt:
    Connecting to : 443
    Unsupported ioctl: cmd=0x400454ca

    In the /home/pi/.juniper_networks/network_connect/ncsvc.log file I obtain the next output:

    20170620100817.757984 ncsvc[p2503.t2503] New ncsvc log level set to 3 (nccommon.cpp:75)
    20170620100817.788892 ncsvc[p2503.t2503] restoring DNS settings… (sysdeps.cpp:759)
    20170620100817.791375 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-resolv.conf => /etc/resolv.conf failed wirh error 2 (sysdeps.cpp:762)
    20170620100817.793437 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-hosts.bak => /etc/hosts failed wirh error 2 (sysdeps.cpp:766)
    20170620100817.818755 ncsvc[p2503.t2503] Connecting to (ncsvc.cpp:494)
    20170620100818.174685 ncsvc[p2503.t2503] state: kStateSignin (dsclient.cpp:256)
    20170620100818.175954 ncsvc[p2503.t2503] –> GET /dana-na/auth/url_9/login.cgi (authenticate.cpp:179)
    20170620100818.204497 ncsvc[p2503.t2503] <– 302 (authenticate.cpp:211)
    20170620100818.205773 ncsvc[p2503.t2503] state: kStateWelcome (dsclient.cpp:264)
    20170620100818.208268 ncsvc[p2503.t2503] –> GET /dana-na/auth/url_9/welcome.cgi?p=failed (authenticate.cpp:179)
    20170620100818.357804 ncsvc[p2503.t2503] <– 200  (authenticate.cpp:211)
    20170620100818.361547 ncsvc[p2503.t2503] state: kStateLogin (dsclient.cpp:296)
    20170620100818.363715 ncsvc[p2503.t2503] –> POST /dana-na/auth/url_9/login.cgi (authenticate.cpp:179)
    20170620100822.657145 ncsvc[p2503.t2503] <– 302 (authenticate.cpp:211)
    20170620100822.659096 ncsvc[p2503.t2503] –> GET /dana/home/starter0.cgi?check=yes (authenticate.cpp:179)
    20170620100822.862424 ncsvc[p2503.t2503] <– 200  (authenticate.cpp:211)
    20170620100822.866624 ncsvc[p2503.t2503] starter0.cgi has asked for tz_offset parameter (authenticate.cpp:372)
    20170620100822.871651 ncsvc[p2503.t2503] starter0.cgi has asked for clienttime parameter (authenticate.cpp:379)
    20170620100822.875161 ncsvc[p2503.t2503] –> POST /dana/home/starter0.cgi?check=yes (authenticate.cpp:179)
    20170620100823.50360 ncsvc[p2503.t2503] <– 302 /dana/home/starter.cgi (authenticate.cpp:211)
    20170620100823.51729 ncsvc[p2503.t2503] –> GET /dana/home/starter.cgi (authenticate.cpp:179)
    20170620100823.233175 ncsvc[p2503.t2503] <– 200  (authenticate.cpp:211)
    20170620100823.236412 ncsvc[p2503.t2503] state: kStateAuthenticated (dsclient.cpp:376)
    20170620100823.246444 ncsvc[p2503.t2503] listening for IPC connections on port 4242 (ncipc.cpp:83)
    20170620100823.266499 ncsvc[p2503.t2503] unregistering the IPC acceptor IO handler (ncipc.cpp:125)
    20170620100823.273019 ncsvc[p2503.t2503] client opening connection to service (ncipc.cpp:319)
    20170620100823.273788 ncsvc[p2503.t2503] disconnectAll called (session.cpp:1648)
    20170620100823.275666 ncsvc[p2503.t2503] New tunnel being created (tunnel.cpp:52)
    20170620100823.289637 ncsvc[p2503.t2503] received onOpen (ncsvc.cpp:546)
    20170620100823.295016 ncsvc[p2503.t2503] ive_host = (session.cpp:195)
    20170620100823.299163 ncsvc[p2503.t2503] Will not use a proxy to connect to the IVE (session.cpp:237)
    20170620100823.318372 ncsvc[p2503.t2503] got system route gw metric 202 via 0x081C0F70 (routemon.cpp:714)
    20170620100823.320132 ncsvc[p2503.t2503] got system route gw metric 202 via 0x457A5556 (routemon.cpp:714)
    20170620100823.321366 ncsvc[p2503.t2503]  Collecting latest routes from the system (routemon.cpp:1452)
    20170620100823.324434 ncsvc[p2503.t2503] best route to is via 0x081C0F70 metric: 202 (routemon.cpp:1473)
    20170620100823.326063 ncsvc[p2503.t2503] best route to gateway: gw via 0x457A5556 metric 202 (routemon.cpp:1976)
    20170620100823.326835 ncsvc[p2503.t2503] attempting to add route to next hop gateway (routemon.cpp:1980)
    20170620100823.328271 ncsvc[p2503.t2503] adding route to with gw, metric 1, if_id 1165645142 (routemon.cpp:872)
    20170620100823.331367 ncsvc[p2503.t2503] adding server route to the IVE: dest =, gw =, if_id = 136056688, dev = eth0 (routemon.cpp:1547)
    20170620100823.334352 ncsvc[p2503.t2503] connecting to ive (session.cpp:362)
    20170620100823.342682 ncsvc[p2503.t2503] ncp.error ncpEstablish for IVE with context 0x81c0c60 (ncp.cpp:428)
    20170620100823.376230 ncsvc[p2503.t2505] Setting DSSSL to use Default ciphers (ncp.cpp:1680)
    20170620100823.453247 ncsvc[p2503.t2505] Setting NCP certificate hash for DSSSL certificate verification (ncp.cpp:1689)
    20170620100823.458097 ncsvc[p2503.t2505] Using DSSSL to connect to IVE (ncp.cpp:1750)
    20170620100823.460329 ncsvc[p2503.t2505] creating a new HTTP connection… (ncp_dsssl.cpp:176)
    20170620100823.907512 ncsvc[p2503.t2505] compression is enabled (ncp_dsssl.cpp:400)
    20170620100823.909396 ncsvc[p2503.t2505] IVE ncp_version = 2 (ncp_dsssl.cpp:410)
    20170620100823.923601 ncsvc[p2503.t2505] cleanup 0 (ncp.cpp:1418)
    20170620100823.925116 ncsvc[p2503.t2505] ncp.error NCP_ESTABLISH_DONE for IVE (ncp.cpp:1793)
    20170620100823.928867 ncsvc[p2503.t2503] establish done (ncphandler.cpp:279)
    20170620100823.931022 ncsvc[p2503.t2503] connect to raspberrypi:443 svc 4 (ncp.cpp:779)
    20170620100823.932099 ncsvc[p2503.t2503] creating a new HTTP connection… (ncp_dsssl.cpp:176)
    20170620100824.37056 ncsvc[p2503.t2505] compression is enabled (ncp_dsssl.cpp:400)
    20170620100824.38277 ncsvc[p2503.t2505] IVE ncp_version = 2 (ncp_dsssl.cpp:410)
    20170620100824.41790 ncsvc[p2503.t2505] connect.error deflateInit2 returned 0 (ncp_dsssl.cpp:486)
    20170620100824.83063 ncsvc[p2503.t2503] connect done (ncphandler.cpp:284)
    20170620100824.84153 ncsvc[p2503.t2503] Connected to ive (session.cpp:426)
    20170620100824.85278 ncsvc[p2503.t2503] adapter.error Can not TUNSETIFF 38 (adapter.cpp:309)
    20170620100824.85813 ncsvc[p2503.t2503] onConnected calling disconnect for ive (session.cpp:431)
    20170620100824.86336 ncsvc[p2503.t2503] disconnecting from ive with reason 6 (session.cpp:506)
    20170620100824.86686 ncsvc[p2503.t2503] closing tun adapter FFFFFFFF (adapter.cpp:747)
    20170620100824.88829 ncsvc[p2503.t2503] restoring DNS settings… (sysdeps.cpp:759)
    20170620100824.89360 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-resolv.conf => /etc/resolv.conf failed wirh error 2 (sysdeps.cpp:762)
    20170620100824.89770 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-hosts.bak => /etc/hosts failed wirh error 2 (sysdeps.cpp:766)
    20170620100824.96534 ncsvc[p2503.t2503] disconnecting from ive with reason 6 (session.cpp:506)
    20170620100824.96963 ncsvc[p2503.t2503] closing tun adapter FFFFFFFF (adapter.cpp:747)
    20170620100824.97274 ncsvc[p2503.t2503] restoring DNS settings… (sysdeps.cpp:759)
    20170620100824.97554 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-resolv.conf => /etc/resolv.conf failed wirh error 2 (sysdeps.cpp:762)
    20170620100824.97812 ncsvc[p2503.t2503] sysdeps.error rename /etc/jnpr-nc-hosts.bak => /etc/hosts failed wirh error 2 (sysdeps.cpp:766)
    20170620100824.98358 ncsvc[p2503.t2503] ncphandler.error NCP disconnect failed, error 107 (ncphandler.cpp:131)
    20170620100824.98958 ncsvc[p2503.t2503] ncp.error ncpTearDown for IVE (ncp.cpp:497)
    20170620100824.99602 ncsvc[p2503.t2505] worker.error NCP worker has been requested to stop (ncp_dsssl.cpp:649)
    20170620100824.100750 ncsvc[p2503.t2503] disconnect done - tearing down (ncphandler.cpp:322)
    20170620100824.104126 ncsvc[p2503.t2505] cleanup 0 (ncp.cpp:1418)
    20170620100824.104877 ncsvc[p2503.t2505] writer.error thread exit (ncp.cpp:1848)
    20170620100824.104945 ncsvc[p2503.t2503] teardown done (ncphandler.cpp:340)
    20170620100824.110486 ncsvc[p2503.t2503] ncp.error ncpCleanup for IVE (ncp.cpp:618)
    20170620100824.130999 ncsvc[p2503.t2503] disconnected from ive with reason 6 (session.cpp:569)
    20170620100824.192462 ncsvc[p2503.t2503] received onDisconnect with reason = 6 (ncsvc.cpp:628)
    20170620100824.213766 ncsvc[p2503.t2503] IpcConn.error recv failed with errno 16 (ncipc.cpp:273)

    Can someone explain me what is happening or help me to setup in a correct way this Juniper VPN in RaspberryPi please?