How to Install OpenConnect SSL VPN Client on Ubuntu Linux

laptop 4662049 640
laptop 4662049 640

OpenConnect SSL VPN software enables remote users and employees to securely connect to VPN gateways in an enterprise environment from Linux systems. Although not officially supported by network vendors, OpenConnect can be used on Linux systems with limited VPN support. OpenConnect comes with Ubuntu repositories by default and once installed, allows for secure connection and access to internal resources.

OpenConnect SSL VPN software was created to allow remote users and employees to securely connect to a Cisco, Juniper, or Palo Alto SSL VPN gateway running in an enterprise environment from Linux systems.

OpenConnect is not officially supported by these network vendors (Cisco Systems, Juniper Networks, Pulse Secure, or Palo Alto Networks); however, if you’re using a Linux machine with no official or limited support, you should look at OpenConnect SSL VPN client instead to help you connect to your company’s VPN gateway.

Employees can use the OpenConnect SSL VPN client to connect, and if authentication is approved, the connected users or employees are granted access to internal resources.

Read this post to learn how to install the official Cisco AnyConnect SSL VPN client.

This post shows you how to install the OpenConnct SSL VPN client on Ubuntu 18.04 or 16.04 and connect to a popular VPN server gateway.

When you’re ready to install OpenConnect, follow the steps below:

Install OpenConnect

OpenConnect SSL VPN client is included with Ubuntu repositories by default. No additional software and configurations are needed to get the package.

Simply use the commands below to install OpenConnect on Ubuntu machines.

sudo apt-get update
sudo apt-get install openconnect

Connect to SSL VPN Servers

Once the OpenConnect package has been successfully installed on Ubuntu, you should be ready to connect to SSL VPN servers, which can use Cisco’s AnyConnect SSL VPN and Juniper Pulse Connect Secure.

Simply run the commands below to establish a VPN connection to your VPN server gateway. In this example, our VPN gateway is

sudo openconnect -u user --passwd-on-stdin

Replace with the gateway of your SSL VPN gateway server name or IP. Press enter to initiate the connection. If the server is up, you should be prompted for a password to authenticate.

After a successful connection and authentication, you should see a similar message as below:

Connected to
SSL negotiation with
Connected to HTTPS on
XML POST enabled
Please enter your username and password.
Username: username
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1).
Too long time in MTU detect loop; MTU set to 1322.
Detected MTU of 1322 bytes (was 1406)
Connect Banner:
| Welcome to the VPN! You have been granted access to our internal resources.

That’s it! You’re not connected and can use internal resources from your Linux machine.

Congratulations! You have successfully installed and configured OpenConnect to access Cisco and other VPN providers’ gateway.

You may also like the post below:

Posted by

I love computers; maybe way too much. What I learned I try to share at


  1. Great article. Near the end you see “You’re not connected”. I think you meant to say “You’re now connected”.

    1. True!

  2. Thanks bud. very helpful

  3. I need to connect to a SonicWall firewall/vpn. They want me to install their closed source client NetExtender that additionally needs OracleJDK. Any idea whether I can connect with clients shipped with Ubuntu 16.04?

  4. How to install openconnect in windows through command line.

  5. i get this message

    XML response has no “auth” node
    Failed to obtain WebVPN cookie

  6. This worked for me to connect to my company’s corporate Palo Alto GlobalProtect VPN gateway, but how can I set this up correctly in NetworkManager so I can start the VPN as a standard user? I tried by entering the settings into NetworkManager, and my laptop will connect and authenticate, but network traffic does not flow through the VPN tunnel when I start the VPN this way.

    1. Thomas Eitzenberger

      Thats a known bug in nm currently, resort to the cmd line 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.