F5 VPN
Clients
- CLI-Only Alternatives
- svpn-login: Last commit 2021-03
- f5vpn-login: Last commit 2020
- NetworkManager-f5vpn "Now that OpenConnect added support for F5 SSL VPN, this project is obsolete"
- F5 SSL VPN on unsupported Linux distribution (Arch Linux, Manjaro, maybe others)
- CLI-Only Alternatives
- svpn-login: Last commit 2021-03
- f5vpn-login: Last commit 2020
- NetworkManager-f5vpn "Now that OpenConnect added support for F5 SSL VPN, this project is obsolete"
go-f5
- GitHub
- Last release 2021
- PR: Parse f5vpn urls
- Config at
~/.gof5/config.yaml
Setup
To make it work with f5-URLs from the browser. Still WIP, not working so far, see this comment
Compile go-f5 from this MR: Parse f5vpn urls #44
git clone https://github.com/fwiesel/gof5
cd gof5
git checkout f5vpn_handler
make build
ln -s $(pwd)/bin/gof5_linux_amd64 ~/bin/download/gof5_linux_amd64
Set capabilities to not run the binary as root:
sudo setcap cap_net_admin,cap_net_bind_service+ep bin/gof5_linux_amd64
Allow modification to systemd-resolved:
sudo mkdir -p /etc/polkit-1/localauthority/50-local.d/
sudo cp org.freedesktop.resolve1.pkla /etc/polkit-1/localauthority/50-local.d/
sudo systemctl restart polkit.service
Create desktop entry in ~/.local/share/applications/gof5.desktop:
[Desktop Entry]
Name=gof5
Exec=/home/varac/bin/download/gof5_linux_amd64 %u
Type=Application
MimeType=x-scheme-handler/f5-vpn;
NoDisplay=true
Add mimetype default:
$ xdg-mime default gof5.desktop x-scheme-handler/f5-vpn
$ xdg-mime query default x-scheme-handler/f5-vpn
gof5.desktop
openconnect
- Openconnect
- GlobalProtect-openconnect A GlobalProtect VPN client (GUI) for Linux, based on OpenConnect and built with Qt5, supports SAML auth mode.
- Docs
- Gitlab issues
- Doesn't work: Support f5-vpn:// URIs
- I couldn't get it to work with openconnect
Start:
openconnect --protocol=f5 --dump -vvv $SERVER
Official F5 client
- Native installation packages only in
rpmanddebformat - Docs
- Config at
~/.F5Networks/f5networks.conf - Log at
~/.F5Networks/vpn.logAlso contains some F5 tunnel config details
Debug with export QT_DEBUG_PLUGINS=1
Arch/AUR packages
- AUR package: f5vpn
- (GUI) VPN client using the Point-to-Point Protocol to connect to F5Networks BIG-IP APM
- AUR package: f5fpc
- Command-line VPN client using FastPPP to connect to F5Networks BIG-IP APM 13.0
f5vpn
Steps:
Install package:
pamac install f5vpn
Add mimetype default:
$ xdg-mime default com.f5.f5vpn.desktop x-scheme-handler/f5-vpn
$ xdg-mime query default x-scheme-handler/f5-vpn
com.f5.f5vpn.desktop
Fix wayland issue where client crashes with qt.qpa.plugin: Could not find the Qt platform plugin "wayland" in "":
Add Exec=/usr/sbin/bash -c "export QT_QPA_PLATFORM=xcb; /opt/f5/vpn/f5vpn %u"
to /usr/share/applications/com.f5.f5vpn.desktop
Official client on Arch
Download official f5-client Debian package, i.e.
wget https://huskyonnet-ns.uw.edu/public/download/linux_f5vpn.x86_64.deb -O ~/projects/vpn/f5-client/native/linux_f5vpn.x86_64.deb
Extract content:
cd ~/projects/vpn/f5-client/native/
ar x linux_f5vpn.x86_64.deb
tar -xzf control.tar.gz
tar -xzf data.tar.gz
sudo cp -a opt/f5 /opt/f5
sudo ./postinst