OpenConnect VPN – Guide for Linux
The content on this page was translated automatically.
Since the official Cisco AnyConnect client keeps causing problems on Linux, here's a tried-and-true alternative using OpenConnect for Linux:
Requirements
Install the package (included in every distribution):
- sudo apt install openconnect (Debian / Ubuntu)
- sudo dnf install openconnect (Fedora)
- sudo pacman -S openconnect (Arch)
Minimum version: 9.01 – check with:
- openconnect -V
Start/Stop VPN (one-time command with sudo!)
Start VPN:
Replace [USERNAME] with your UniAccount login:
- sudo openconnect univpn.uni-kassel.de \
--protocol=anyconnect \
--reconnect-timeout=60 \
--disable-ipv6 \
--compression=all -d \
--background --syslog --timestamp \
--os=win \
--useragent='AnyConnect Windows 5.1.8.105' \
--no-external-auth \
-u [USERNAME]
Exit VPN:
- sudo killall openconnect
Recommended: Everything as a shell script
Save the file as "vpn.sh," for example, then:
chmod +x vpn.sh
./vpn.sh
vpn.sh
#!/bin/bash
GW="univpn.uni-kassel.de"
PAS='YourPassword'
USER='YourUsername'
PID_FILE="/tmp/vpn-pidfile.log"
echo "$PAS" | \
sudo openconnect $GW -v \
--pid-file=$PID_FILE \
--protocol=anyconnect \
--reconnect-timeout=60 \
--disable-ipv6 \
--compression=all -d \
--background --syslog --timestamp \
--os=win \
--useragent='AnyConnect Windows 5.1.8.105' \
--no-external-auth \
-u $USER --passwd-on-stdin
VPNPID=$(cat $PID_FILE)
echo "VPN is running with PID: $VPNPID"
Optional: Configure sudo without a password
1. Find the path to openconnect:
- type openconnect
2. Open visudo:
- sudo visudo
3. Add the appropriate entry:
- For you only (no password):
- yourusername ALL=(ALL) NOPASSWD: /usr/bin/openconnect
- For all sudo users (without a password):
- %sudo ALL=(ALL) NOPASSWD: /usr/bin/openconnect
- Continue with a password (explicitly):
- yourusername ALL=(ALL) !NOPASSWD: /usr/bin/openconnect
Adjust the path if necessary, if openconnect is located elsewhere (e.g., /usr/local/bin/openconnect).