Versions Compared

Old Version 2

changes.mady.by.user Reuber, Kent B.

Saved on

compared with

New Version 3

changes.mady.by.user Reuber, Kent B.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview:

SLAC's VPN uses posture checking to enforce that antivirus software is installed and that antivirus updates are current. In addition, Cisco's AnyConnect Secure Mobility Client VPN software must be used so that the status of antivirus can be reported to the SLAC VPN ASA's.

...

This process was tested on a MacBook Air running the Elementary Linux distribution version 5.1 (based on the Ubuntu Linux 18.04 LTS distribution).

Ethernet and Wireless Networking

This section is very specific to the hardware used. While this is not a general recipe, it may be useful for inspiration of what to try. The MacBook Air has no built-in Ethernet, only wireless. Unfortunately, the default installation of many Linux distributions don't have the correct wireless driver, so the user is left with no way to connect to the network after installation. I was unable to get an Apple Thunderbolt Ethernet adapter to work, but a Linksys USB adapter (model USB3GIGV1) was recognized. Thus, I could get networking up with use Ethernet to install OS updates and download wireless drivers.

...

On the Broadcom Wifi page listed above, the driver is given by "14e4:43a0 unknown :

Code Block
pci.id                     12.04 LTS                             14.04 LTS and Later
...
14e4:43a0                  unknown                               bcmwl-kernel-source

...


...

Installing the bcmwl-kernel-source package and rebooting allowed wireless to work. I have found wireless to be very stable.

Code Block
$ sudo apt-get install bcmwl-kernel-source
$ sudo reboot

Antivirus

CLAM AV is an open source antivirus engine. This page gives the following instructions for Ubuntu as well as other distributions. I installed clamav and clamav-daemon. I have added the necessary "sudo" statements to the recipe.

Code Block
ClamAV can be found for Ubuntu in the apt repository. Run this command to install ClamAV:

$ sudo apt-get install clamav

If you need clamd, you may also want to run:

$ sudo apt-get install clamav-daemon

If you require support for scanning compressed RAR files you first need to enable the non-free archive, and then you can install the RAR-plugin using:

$ sudo apt-get install libclamunrar6

Cisco AnyConnect VPN Client

The Service Now Linux VPN Knowledgebase article describes obtaining AnyConnect from the VPN server itself. However, the auto-detect mechanism requires Java which you may not have (I didn't). Instead, I installed Cisco AnyConnect manually following the instructions at Cisco AnyConnect manual install. To install, you need to unpack the downloaded archive and run a shell script:

Code Block
$ cd Downloads
$ cd anyconnect-linux64-4.8.01090/
$ sudo vpn/vpn_install.sh