Update 2009/10/29 11:18—Updated the path on the final setuid command per commenter David.
If you use a Mac as your work machine, chances are that you’ve had to use VPN at some point, and therefore the current de facto SSL VPN client, Juniper Network Connect. If you’ve recently upgraded to Snow Leopard, you’ve probably already run into the problem of NC not working correctly, and likely found the common solution to fixing the problem.
This solution works great if you’ve got a fully functional installation of NC, but what happens if your installation has become corrupted on Snow Leopard? What if, for example, some of the installation files are corrupted or missing, but some aren’t? That’s what happened to me, and here’s how I fixed it.
So if your installation is corrupt, the auto-install through a web browser won’t work for you, because there are some residual files and the application can’t tell whether it’s fully installed or not. Chances are what will happen is that the installation files will get downloaded, but the install itself will fail because some of the files from your corrupt installation are still there.
The easiest way to fix this is to get a hold of the NC install .dmg and run the installer app; your company’s IT organization will likely be able to get it to you without too much trouble. If you don’t have access to the .dmg installer, however, then your life will be significantly more difficult; you’ll have to manually uninstall and reinstall the application, as follows (note that you’ll need root access on your machine to be able to do these steps):
- Delete the files from the old installation:
Network Connect.appif it’s there.
/Library/Internet Plug-ins, delete
Network Connect.wdgtif present.
/usr/local, delete the
juniperfolder if present.
- Now, if you’ve already tried and failed to install NC through the browser, you should already have a PAX archive downloaded to
/tmp. If you don’t, try to do the autoinstall, and after it fails, the
NetworkConnectBinaries.paxfile will be there. Extract the archive by double-clicking on it. Inside, it contains three top-level folders:
usr. Their contents echo the folders that we removed files from in step 1.
- Copy the contents of the archive into the folders on your system with the same name:
- Put the
- Now for the complicated part. First, make sure
/usr/local/juniperis owned by
root:wheelby launching Terminal.app and typing the following command at the prompt:
sudo chown -R root:wheel /usr/local/juniper.
- Perform the two steps recommended in the tutorial I linked above:
sudo chmod 755 /usr/local/juniper/nc/[version number]/
sudo mkdir '/Applications/Network Connect.app/Contents/Frameworks'
- Finally, set the
setuidbit on a couple of the files:
sudo chmod 4711 /usr/local/juniper/nc/install/ncinstallhelper
sudo chmod 4711 /usr/local/juniper/nc/[version number]/ncproxyd
After following these steps, you should be able to run Network Connect as normal.