OpenConnect SSL VPN software enables remote users and employees to securely connect to VPN gateways in an enterprise environment from Linux systems. Although not officially supported by network vendors, OpenConnect can be used on Linux systems with limited VPN support. OpenConnect comes with Ubuntu repositories by default and once installed, allows for secure connection and access to internal resources.
OpenConnect SSL VPN software was created to allow remote users and employees to securely connect to a Cisco, Juniper, or Palo Alto SSL VPN gateway running in an enterprise environment from Linux systems.
OpenConnect is not officially supported by these network vendors (Cisco Systems, Juniper Networks, Pulse Secure, or Palo Alto Networks); however, if you’re using a Linux machine with no official or limited support, you should look at OpenConnect SSL VPN client instead to help you connect to your company’s VPN gateway.
Employees can use the OpenConnect SSL VPN client to connect, and if authentication is approved, the connected users or employees are granted access to internal resources.
Read this post to learn how to install the official Cisco AnyConnect SSL VPN client.
This post shows you how to install the OpenConnct SSL VPN client on Ubuntu 18.04 or 16.04 and connect to a popular VPN server gateway.
When you’re ready to install OpenConnect, follow the steps below:
OpenConnect SSL VPN client is included with Ubuntu repositories by default. No additional software and configurations are needed to get the package.
Simply use the commands below to install OpenConnect on Ubuntu machines.
sudo apt-get update sudo apt-get install openconnect
Connect to SSL VPN Servers
Once the OpenConnect package has been successfully installed on Ubuntu, you should be ready to connect to SSL VPN servers, which can use Cisco’s AnyConnect SSL VPN and Juniper Pulse Connect Secure.
Simply run the commands below to establish a VPN connection to your VPN server gateway. In this example, our VPN gateway is vpn.example.com
sudo openconnect -u user --passwd-on-stdin vpn.example.com
Replace vpn.example.com with the gateway of your SSL VPN gateway server name or IP. Press enter to initiate the connection. If the server is up, you should be prompted for a password to authenticate.
After a successful connection and authentication, you should see a similar message as below:
POST https://vpn.example.com/ Connected to 192.168.15.2:443 SSL negotiation with vpn.example.com Connected to HTTPS on vpn.example.com XML POST enabled Please enter your username and password. Username: username Password: POST https://vpn.example.com/ Got CONNECT response: HTTP/1.1 200 OK CSTP connected. DPD 30, Keepalive 20 Connected as 10.25.59.81, using SSL Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1). Too long time in MTU detect loop; MTU set to 1322. Detected MTU of 1322 bytes (was 1406) Connect Banner: | Welcome to the vpn.example.com VPN! You have been granted access to our internal resources.
That’s it! You’re not connected and can use internal resources from your Linux machine.
Congratulations! You have successfully installed and configured OpenConnect to access Cisco and other VPN providers’ gateway.
You may also like the post below: