summarylogtreecommitdiffstats
path: root/README.rst
blob: e74a21f329ada664849fe5274148c3e9c5504908 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

f5vpn for Linux
===============

The F5 VPN client uses the Point-to-Point Protocol to connect to F5Networks BIG-IP APM 13.0.

Usage
-----

1. In a web browser, go to `<https://[your-BIG-IP-APM-server]/>`_ and log in (including 2-factor authentication, if you use it).

2. Choose Web Network Access. If this works for you, the following steps do not apply to you.
   If you prefer connecting from the command line, open Developer Tools and run this JavaScript:

   .. code-block:: javascript

       resourceType = "network_access";
       with (new XMLHttpRequest()) {
           open("GET", `https://${location.host}:${location.port}/vdesk/resource_list.xml?resourcetype=res`);
           onload = () => console.log(`f5-vpn://${location.host}:${location.port || 443}/?server=${location.host}&resourcename=${responseXML.querySelector(`list[type=${resourceType}] entry`).textContent}&resourcetype=${resourceType}&cmd=launch&protocol=https&port=${location.port || 443}&sid=${document.cookie.match(/MRHSession=(.*?); /)[1]}`);
           send();
       }

   You should have received a URL starting with ``f5-vpn://``.

3. In a terminal, run ``f5vpn`` using the URL from Step 2 as its argument (including single quotes):

   .. code-block:: shell

        f5vpn 'f5-vpn://...'

If everything worked, the GUI for F5 VPN should be visible. Assuming continuous Internet connectivity, you should remain connected for several hours.

Troubleshooting
---------------

If you get an error that looks like

   .. code-block:: shell

        f5vpn: error while loading shared libraries: libicuuc.so.72: cannot open shared object file: No such file or directory

that means that your version of `qt5-webkit <https://aur.archlinux.org/packages/qt5-webkit>`_ is out-of-date with your `icu <https://archlinux.org/packages/core/x86_64/icu/>`_ version, and rebuilding the latest version of `qt5-webkit <https://aur.archlinux.org/packages/qt5-webkit>`_ (or installing the latest prebuilt package) will fix your issue.

CLI-Only Alternatives
---------------------

* `kayrus/gof5 <https://github.com/kayrus/gof5>`_ - FOSS

* `zrhoffman/svpn-login <https://github.com/zrhoffman/svpn-login>`_

* `zrhoffman/f5vpn-login <https://github.com/zrhoffman/f5vpn-login>`_ - FOSS, but very slow due to no PPP-over-DTLS

* `openvpn <https://www.infradead.org/openconnect/f5.html>`_ - FOSS (use --cookie-on-stdin for 2FA)