Jun 9, 2011

How To Connect Ubuntu Linux to Cisco VPN with openconnect (anyconnect-capable alternative)

For Ubuntu Linux, Cisco provides the anyconnect VPN client. But why not connect with the simplistic, FOSS, and Network-Manager-integrated, "openconnect" and "network-manager-openconnect" packages from the "universe" repository instead? I've used this method with much success for quite some time now.

Special Note - these instructions are for connecting to the VPN using the open source alternative to Cisco AnyConnect client (openconnect). If you are looking for instructions related to using the open source alternative to the Cisco Systems VPN client (vpnc), have a look at my post entitled: How To: Cisco Systems VPN with Ubuntu 11.10 / 10.10 GNU/Linux

You can install these packages easily with using either of the two methods below. Also, you may need to enable the universe FOSS repository first (see the "****" note below for enabling the "universe" repository):

Method A.) From the Ubuntu Software Center (see image below).

Simply click Applications > Ubuntu Software Center > then search for and install "openconnect" and "network-manager-openconnect" (see image below)



Method B.) From the Terminal(hit alt+f2, type or enter "gnome-terminal", hit enter), type or paste in these commands:

sudo apt-get update && sudo apt-get install openconnect && sudo apt-get install network-manager-openconnect

After you install the two required packages, reboot your computer to finalize the settings. When you login again, you should see the "VPN Connections" setting to appear on the Network Manager applet(same place where the other network connections are found). Next, click the Network Manager > VPN Connections > Configure VPN > Add. (see image below)


Next, select "Cisco AnyConnect Compatible VPN (openconnect)" and click Create. (see image below)



Then enter the gateway IP address or DNS name to connect to (this comes from your IT dept) > Enter a name for the connection > check "Connect automatically" > (optional depending on your company network) Enter the internal DNS servers and Search Domains for your company network(IT dept for this) on the IPv4 Settings Tab. (see image below)




(optional)For split tunneling (allows you to go out of your regular connection to the Internet as opposed to through the VPN) From the IPv4 tab, click Routes > check "Use this connection only for resources on its network" > click OK > click Save> click Close (to close Network Connections) and voila, you're all set.


To connect, establish your regular Internet connection first, then click the Network Manager > mouse over "VPN Connections" > click the name of the VPN you created. If all went well, you'll be presented with place to enter your anyconnect username/password and you can connect. Whey you see a small lock in the Network Manager - that means VPN is connected and you should have access to your network.

**** To enable the universe repositories:
Launch the Applications > "Ubuntu Software Center" > click Edit > click "Software Sources" (see image below)
Then from the "Software Sources" dialog box: Click System > Software Sources (authenticate) > In the software Sources dialog, check "Community-maintained Open Source software", oh and now's a good time to select a faster repository source > set "Download from:" to something like samaritan.ucmerced.edu, or ubuntu.osuosl.org(example only) (or use the tool there to find the fastest server near you). The default source of "Main Server" is typically slower than what's available elsewhere.) Click close, reload the sources (this is the same as sudo apt-get update) and now you'll have the universe repository enabled and available for use. (see image below)




Feel free to leave a comment if you like.

Cheers!
Shannon VanWagner