How to Install OpenConnect SSL VPN Client on Ubuntu Linux

OpenConnect SSL VPN software was created to allow remote users and employees to securely connect to a Cisco, Juniper, or Palo Alto SSL VPN gateway running in an enterprise environment from Linux systems.

OpenConnect is not officially supported by these network vendors (Cisco Systems, Juniper Networks, Pulse Secure, or Palo Alto Networks), However, if you’re using a Linux machine with no official or limited support, you should look at OpenConnect SSL VPN client instead to help you connect to your company’s VPN gateway.

Employees can use the OpenConnect SSL VPN client to connect, and if authentication is approved, the connected users or employees are granted access to internal resources.

To learn how to install the official Cisco AnyConnect SSL VPN client, read this post.

This post shows you how to install the OpenConnct SSL VPN client on Ubuntu 18.04 or 16.04 and connect to a popular VPN server gateway.

When you’re ready to install OpenConnect, follow the steps below:

Install OpenConnect

OpenConnect SSL VPN client is included with Ubuntu repositories by default. No additional software and configurations are needed to get the package.

Simply use the commands below to install OpenConnect on Ubuntu machines.

sudo apt-get update
sudo apt-get install openconnect

Connect to SSL VPN Servers

Once the OpenConnect package has been successfully installed on Ubuntu, you should be ready to connect to SSL VPN servers, which can Cisco’s AnyConnect SSL VPN and Juniper Pulse Connect Secure.

Simply run the commands below to establish a VPN connection to your VPN server gateway. In this example, our VPN gateway is

sudo openconnect -u user --passwd-on-stdin

Replace with the gateway of your SSL VPN gateway server name or IP. Press enter to initiate the connection. if the server is up, you should be prompted for a password to authenticate.

After a successful connection and authentication, you should see a similar message as below:

Connected to
SSL negotiation with
Connected to HTTPS on
XML POST enabled
Please enter your username and password.
Username: username
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1).
Too long time in MTU detect loop; MTU set to 1322.
Detected MTU of 1322 bytes (was 1406)
Connect Banner:
| Welcome to the VPN! You have been granted access to our internal resources.

That’s it! You’re not connected and can use internal resources from your Linux machine.

Congratulations! You have successfully installed and configured OpenConnect to access Cisco and other VPN providers’ gateway.

You may also like the post below: