Monthly Archives: June 2009

VPN on Ubuntu Linux with Juniper Network Connect

There’s one standard document on HOWTO get Network Connect working on Ubuntu Linux. It’s mad scientist’s doc: . However, there are a few things not covered. I’ll assume that you’ve followed mad scientist’s excellent guide before going any further.

Issue #1: 64-bit Ubuntu

By default, when you install java on your 64-bit system, you get a 64-bit java. No surprise there, right? Well, Juniper’s tools don’t play nice with 64-bit java. If you attempt to start the junipernc script you’ll promptly see the “VPN has failed!” error message.

VPN has failed!
VPN has failed!

Also if you look closely in your Terminal you’ll see the text error:

Failed to load the ncui library.

This is the clue that we are dealing with the 64-bit issue.

The work around for this is to install a 32-bit java on your system. Type the following into your Terminal:

sudo apt-get install ia32-sun-java6-bin

After typing your password, a 32-bit copy of java will be installed at: /usr/lib/jvm/ia32-java-6-sun .

Now, you need to convince Juniper Network Connect to use the 32-bit java. If you don’t use java for much besides your new VPN, you may just want to make the 32-bit java your default. This can be done by typing the following into your Terminal:

update-alternatives --set java /usr/lib/jvm/ia32-java-6-sun/jre/bin/java

If you DO use java and just want to tell the VPN to use the 32-bit java, you should modify the junipernc by adding the following line right after the block of lines that start with “#”:

export JDK_HOME=/usr/lib/jvm/ia32-java-6-sun

Now, when you run junipernc, it will use 32-bit java and you should no longer have the failure due to ncui.

Issue #2: Determining Your Realm

The scripting for Network Connect asks a few questions that may not make sense to a typical user. Even a networking savvy programmer may not be certain what values to use for the “Realm” or “PIN + SecureID Code”.

Finding your realm is fairly straight forward if you don’t mind diving into some HTML. Point your web browser to your company’s VPN website: or .   View the source of that page and look for a line like:

<input type="hidden" name="realm" value="REALMNAME">

The value of REALMNAME is what you’ll need to enter when prompted.  Your IT department may or may not know what this is if you ask them.

If you don’t know your “PIN + SecureID Code”, it’s simply the password you type along with your username on the VPN website to gain access. As mad scientist says, some companies use “SecurID so [they] enter a personal PIN plus the value provided by the SecurID fob,” which explains why he coded that as the prompt for the password input.

If you need help, there’s a long running thread over at the ubuntu forums where this continues to be discussed a lot: . I gathered my info from both mad scientist’s page above and the thread itself.

One further note, I’ve tested this on Ubuntu 9.04 64-bit as well as 8.10 32-bit. Hope this is helpful to all you who need Juniper VPN access on 64-bit Ubuntu Linux.


I recently purchased a Mac Mini to be my home media computer. I plan to blog more about that later. For now, the only tricky thing about using a Mini has been using my TV for a monitor.

There’s a lot of noise on the web (or Google at least) when trying to search for a solution to using a Mini’s DVI output on LCD TV’s. Typically they recommend using DisplayConfigX  or SwitchResX to tweak your display modelines, timing, resolution, and just generally dive deeper than I like  into display configuration. My solution was MUCH simpler.

My television is a Samsung 46″ LCD (LN46A539P1F). It has 3 HDMI inputs, but one is specifically intended to be used for PCI DVI input converted to HDMI.  It also provides a VGA DSUB input which works perfectly with a Mac Mini’s miniDVI->VGA apapter, but the point here is to get direct digital signal without converting to analog.

The Mac Mini has a miniDVI output and is packaged with a miniDVI->DVI adapter, so to get a signal into the TV, you’ll need a DVI->HDMI or miniDVI->HDMI adapter. I bought both from Monoprice as they are very inexpensive and either works fine.

Once you have the apdapter on and the HDMI cable connected to the TV, the Mac will recognize that it is displaying on an HDTV and will recommend 720p (1280×720 resoution) or 1080p (1920×1080 resolution). However, you will now most likely see that your output is either too small on the screen (has a few inches of black border around the picture)  or is too big (extends beyond the screen). If it’s too big, you have Overscan enabled in your Displays preference pane. If not, you should enable Overscan.

Now, on your TV, go to the Menu:

  • Choose “Picture” (should be first option)
  • Choose “Picture Options” (near the bottom of list)
  • Choose “Size” (will have options like 4:3, 16:9, and Just Scan)
  • Choose “Just Scan”
  • Close Menu

Bam! Your display should now be just right!