Cisco Anyconnect Debian

admin



Installing the VPN Client

I too have the same problem. Changing the metric did not work. As soon as i connect to Cisco VPN, WSL2 looses connectivity to the internet as well connectivity to the host via WSL network adapter. Ping using loopback IPs 127.0.1.1 works but not via the virtual ethernet adapters. Daniel Schneider for his Using Cisco AnyConnect VPN with openconnect page on GitHub, which I adapted originally for these instructions. Tom Distler, for the Tux/Cisco image at the top of this page, which I mooched from his page, How to connect Linux to a Cisco VPN using a PCF file.

  1. Download the Anyconnect VPN client.
  2. From the Terminal, navigate to the Downloads folder and unzip the file by typing [tar xzvf anyconnect-xxx.tar.gz]
    • NOTE: The *actual* file name will contain the name of the current version of the installer (e.g. anyconnect-linux64-4.5.03040-predeploy-k9.tar.gz)
  3. A folder with the same name as the file will appear in the current directory. Open the folder and then go to the vpn directory, and once you are there type [./vpn_install.sh]
  4. The VPN clientwill be installed on your system and the vpnagentd process will be started. This process will be started each time your system is booted.
  5. NOTE: Ubuntu/Debian users should run this command to download a dependency for the VPN UI: [sudo apt-get install libpangox-1.0-0]

Starting the VPN Client

  1. To start the client from the terminal, type [/opt/cisco/anyconnect/bin/vpnui]. Note: if you are not running a GUI, you can enter interactive mode by entering[/opt/cisco/anyconnect/bin/vpn]
    • NOTE: If you are using a desktop environment, you should be able to find the client in one of your menus as well (e.g. in a RHEL environment, look in Applications -> Internet).
  2. In the “Connect to:” box, type vpn.uci.edu and press Return on your keyboard. Note: in interactive mode type [connect vpn.uci.edu]
  3. In the “Group” menu that will appear, select the tunnel you wish to use, usually “UCI” or “UCIFull”. (See the differences in the Tunnels below.)
  4. Enter your UCInetID and password in the appropriate boxes and click “Connect”.
  5. You should get a banner box. When you do, click “Accept” and you are now connected.

Possible Error Messages

If you get one of the following messages when you try to connect to the campus VPN service:

  • “Connection attempt has failed due to server certificate problem”
  • “AnyConnect cannot confirm it is connected to your secure gateway”

this means that the AnyConnect client cannot validate the certificate on the campus VPN service.

Debian

To remedy this, please download and unzip this file and follow the directions in the README file to install the InCommon certificate files on your system.

Ubuntu Linux

If you are using Ubuntu Linux and are having problems using the VPN, Jeff Stern has instructions for making the AnyConnect VPN work on Ubuntu. See
http://www.socsci.uci.edu/~jstern/uci_vpn_ubuntu/ for more information.

Linux Openconnect Client

Note: Using the Linux openconnect software is not supported by OIT. If you have problems using this, OIT will not be able to help you. These instructions are provided for you if you want to use something other than the supported Cisco AnyConnect client on your Linux system.

Some Linux distributions include a VPN client called openconnect that can be used with the the UCI VPN service. The instructions below are for Fedora Linux. Other distributions may be similar.

  1. From the terminal, type [sudo openconnect vpn.uci.edu -u UCInetID]
    • replace UCInetID with your actual UCInetID
    • if you don't have openconnect installed, you can download it from your distro's software repo [e.g. sudo apt-get install openconnect]
  2. You will be prompted for the Group to use. Type one of the options, usually UCI or UCIFull (it's not case-sensitive)
  3. You will be prompted for your password. After you give the client your password you will be logged in.

You can minimize the terminal window while you do your work (don’t close it or you will lose your VPN connection). When you are done type ^C (control-c) to terminate openconnect and your VPN session will be logged out.

(Jeff Stern has also written a page on setting up Openconnect for Debian/Ubuntu users, at http://www.socsci.uci.edu/~jstern/uci_vpn_ubuntu/ubuntu-openconnect-uci-instructions.html.)

Cisco Anyconnect Linux Install

[ jessie ] [ stretch ] [ buster ] [ buster-backports ] [ bullseye ] [ sid ]

Links for openconnect

Debian Resources:

Cisco Anyconnect Debian
  • Debian Source Repository (Git)

Maintainer:

  • Mike Miller (QA Page)

External Resources:

Cisco Anyconnect Windows 10 Download

  • Homepage [www.infradead.org]

Cisco Anyconnect Linux Command Line

The following binary packages are built from this source package:
libopenconnect-dev
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN - development files
libopenconnect5
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN - shared library
openconnect
open client for Cisco AnyConnect, Pulse, GlobalProtect VPN

Other Packages Related to openconnect

  • build-depends
  • build-depends-indep
  • adep: debhelper-compat (= 12)
    Package not available
  • adep:dpkg-dev (>= 1.17.14)
    Debian package development tools
  • adep:groff
    GNU troff text-formatting system
  • adep:libgcrypt20-dev
    LGPL Crypto library - development files
  • adep:libgnutls28-dev
    GNU TLS library - development files
  • adep:libkrb5-dev
    headers and development libraries for MIT Kerberos
  • adep:liblz4-dev
    Fast LZ compression algorithm library - development files
  • adep:libp11-kit-dev
    library for loading and coordinating access to PKCS#11 modules - development
  • adep:libpcsclite-dev
    Middleware to access a smart card using PC/SC (development files)
  • adep:libproxy-dev
    automatic proxy configuration management library (devel)
  • adep:libsocket-wrapper [not hurd-i386]
    socket wrapper library
  • adep:libstoken-dev
    Software Token for cryptographic authentication - development files
  • adep:libtasn1-6-dev
    Manage ASN.1 structures (development)
  • adep:libtss2-dev
    TPM2 Software stack library - development files
  • adep:libuid-wrapper [not alpha hurd-i386 kfreebsd-amd64 kfreebsd-i386]
    UID wrapper library
  • adep:libxml2-dev
    Development files for the GNOME XML library
  • adep:locales-all
    GNU C Library: Precompiled locale data
  • adep:ocserv (>= 0.12.1-2) [not hurd-i386 kfreebsd-amd64 kfreebsd-i386]
    OpenConnect VPN server compatible with Cisco AnyConnect VPN
  • adep:openssl
    Secure Sockets Layer toolkit - cryptographic utility
  • adep:pkg-config
    manage compile and link flags for libraries
  • adep:python
    interactive high-level object-oriented language (Python2 version)
  • adep:softhsm2 [not hurd-i386]
    cryptographic store accessible through a PKCS #11
  • adep:zlib1g-dev
    compression library - development

Download openconnect

FileSize (in kB)MD5 checksum
openconnect_8.02-1+deb10u1.dsc2.7 kB4803c9a22398ec9d0ebc4ff484a02bdf
openconnect_8.02.orig.tar.gz1,832.2 kBe723c92b0d435df2a521549edbe1fe3e
openconnect_8.02-1+deb10u1.debian.tar.xz15.5 kBfc2ceb3bd03d92cd9d032bf43c2ed23e

Cisco Anyconnect Linux Client

Debian Package Source Repository (VCS: Git)
https://salsa.debian.org/debian/openconnect.git
Debian Package Source Repository (Browsable)
https://salsa.debian.org/debian/openconnect