Install OpenConnect SSL VPN Client on Ubuntu 18.04 | 16.04

OpenConnect SSL VPN software was created to allow remote users and employees to securely connect to a Cisco, Juniper or Palo Alto SSL VPN gateway running in an enterprise environment from Linux systems.

OpenConnect is not officially supported by these network vendors (Cisco Systems, Juniper Networks, Pulse Secure, or Palo Alto Networks),  However, if you’re using a Linux machine with no official or limited support, you should look at OpenConnect SSL VPN client instead to help you connect to your company’s VPN gateway.

Employees can use OpenConnect SSL VPN client to connect, and if authentication is approved, the connected users or employees are grant access to internal resources.

To learn how to install the official Cisco’s AnyConnect SSL VPN client, read this post.

This post shows you how to install OpenConnct SSL VPN client on Ubuntu 18.04 or 16.04 and connect to popular VPN server gateway.

When you’re ready to install OpenConnect, follow the steps below:

Step 1: Install OpenConnect

OpenConnect SSL VPN client is included with Ubuntu repositories by default. No additional software and configurations needed to get the package.

Simply use the commands below to install OpenConnect on Ubuntu machines.

sudo apt-get update
sudo apt-get install openconnect

Step 2: Connect to SSL VPN Servers

Once OpenConnect package has been successfully installed on Ubuntu, you should be ready to connect to SSL VPN servers, which can Cisco’s AnyConnect SSL VPN and Juniper Pulse Connect Secure.

Simply run the commands below to establish VPN connection to your VPN server gateway. In this example, our VPN gateway is vpn.example.com

sudo openconnect -u user --passwd-on-stdin vpn.example.com

Replace vpn.example.com with the gateway of your SSL VPN gateway server name or IP. Press enter to initiate the connection. if the server is up, you should be prompted for a password to authenticate.

After a successful connection and authentication, you should see similar message as below:

POST https://vpn.example.com/
Connected to 192.168.15.2:443
SSL negotiation with vpn.example.com
Connected to HTTPS on vpn.example.com
XML POST enabled
Please enter your username and password.
Username: username
Password:
POST https://vpn.example.com/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.25.59.81, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1).
Too long time in MTU detect loop; MTU set to 1322.
Detected MTU of 1322 bytes (was 1406)
Connect Banner:
| Welcome to the vpn.example.com VPN! You have been granted access to our internal resources.

That’s it! You’re not connected and can use internal resources from your Linux machine.

Congratulations! You have successfully installed and configure OpenConnect to access Cisco and other VPN providers gateway.

You may also like the post below: