- Installing Cisco AnyConnect VPN Client on Ubuntu 18.04 16.04 by Richard Zayzay Posted on Cisco AnyConnect VPN software allows remote users and employees to securely connect to a Cisco VPN gateway running in an enterprise environment.
- Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, highly secure access to the enterprise network from any device, at any time, in any location while protecting the organization. For organizations of all sizes that need to.
Install OpenConnect SSL VPN Client on Ubuntu 18.04 16.04 by Richard Zayzay Posted on OpenConnect SSL VPN software was created to allow remote users and employees to securely connect to a Cisco, Juniper or Palo Alto SSL VPN gateway running in an enterprise environment from Linux systems.
Skip to end of metadataGo to start of metadataOverview:
SLAC's VPN uses posture checking to enforce that antivirus software is installed and that antivirus updates are current. In addition, Cisco's AnyConnect Secure Mobility Client VPN software must be used so that the status of antivirus can be reported to the SLAC VPN ASA's.
SLAC has some pages on installing antivirus and AnyConnect, but they are somewhat distributed, and are mostly focused on systems that are SLAC supported Windows and SLAC supported MacOS. This document is an attempt at providing a streamlined recipe for a self-supported Mac running Linux.
The process described here is for a MacBook Air running the Elementary Linux distribution version 5.1 (based on the Ubuntu Linux 18.04 LTS distribution).
Ethernet and Wireless Networking
This section is very specific to the hardware used. While this is not a general recipe, it may be useful for inspiration of what to try. The MacBook Air has no built-in Ethernet, only wireless. Unfortunately, the default installation of many Linux distributions don't have the correct wireless driver, so the user is left with no way to connect to the network after installation. I was unable to get an Apple Thunderbolt Ethernet adapter to work, but a Linksys USB adapter (model USB3GIGV1) was recognized. Thus, I could use Ethernet to install OS updates and download wireless drivers.
To install wireless drivers, you need to know which chipset is being used. In my case, it was a Broadcom BCM4360 802.11ac adapter. This page on Broadcom Wifi on Ubuntu provided some useful documentation. The 'lspci' will display information about the PCI bus.
On the Broadcom Wifi page listed above, the driver is given by:
Installing the bcmwl-kernel-source
package and rebooting allowed wireless to work. I have found wireless to be very stable.
Antivirus
CLAM AV is an open source antivirus engine. This page gives the following instructions for Ubuntu as well as other distributions. I installed clamav and clamav-daemon. I have added the necessary 'sudo' statements to the recipe.
Cisco AnyConnect VPN Client
The Service Now Linux VPN Knowledgebase article describes obtaining AnyConnect from the VPN server itself. However, the auto-detect mechanism requires Java which you may not have (I didn't). Instead, I installed Cisco AnyConnect manually following the instructions at Cisco AnyConnect manual install. To install, you need to unpack the downloaded archive and run a shell script:
Anyconnect Download
A VPN is a virtual private network which allows you to access most Monash services off-site when you're using a laptop. These services include SAP, Callista, Employee Self Service (ESS), some Library modules, and internally published web pages that can't otherwise be accessed through the internet.
The Monash VPN, Cisco AnyConnect, can be installed on the following systems:
- Windows 7, 8, 8.1, and current Microsoft-supported versions of Windows 10 x86 (32-bit) and x64 (64-bit)
- macOS 10.12, 10.13, 10.14 and 10.15
- Linux Red Hat 6 and 7 and Ubuntu 14.04 (LTS), 16.04 (LTS), and 18.04 (LTS) (64-bit only).
Virtualised environments such as VMWare and Parallels are not supported. More information is available at Cisco.
Cisco Anyconnect Secure Mobility Client Ubuntu 18.04 Version
Install the VPN
- Go to CISCO SSL VPN Service.
Sign in using your Monash username and password (use your username, not your email).
Click Login. - You'll need to authenticate your login:
- If you use Okta Verify, type 2 and click Continue. Then approve the sign in on your mobile phone.
- If you use Google Authenticator, enter your authentication passcode, then click Continue.
- When the window with terms and conditions appears, click Continue to accept the VPN conditions.
- Download and install:
- On Windows computers, the Download & Install page will appear. Click Download for Windows.
- On macOS computers, click AnyConnect VPN and it will install. You can skip the remaining steps in this section.
- Click Keep if you see a message that the file you're downloading may be harmful to your computer.
Once the file has downloaded, run the installation file. - Follow the instructions in the Setup Wizard.
- Once the installation is complete, the Cisco AnyConnect Secure Mobility Client will appear in the applications menu.
- Start the Cisco AnyConnect VPN client after it has been installed (e.g. in Windows, select Start, All Programs, Cisco then Cisco AnyConnect VPN client).
- If a manual installation was performed, enter the address vpn.monash.edu in the Connect to box. For automatic installations, the address should already be filled in.
- Select the appropriate group (for most users, this will be 1-Monash_Authcate).
- Enter your Monash account username and password, then press Connect.
- When you've finished using the VPN service, simply disconnect.
- Find and launch the Cisco AnyConnect Secure Mobility Client application.
- When the application starts, enter 'vpn.monash.edu' in the text box, then click Connect.
Next time you launch the application, the text box will be pre-populated with the address above. - Sign in using your Monash username (not your email) and password.
Click OK. - You'll need to authenticate your login:
- If you use Okta Verify, click Send Push and then approve the sign in on your mobile phone.
- If you use Google Authenticator, enter your authentication passcode, then click Verify.
- When the window with terms and conditions appears, click Accept (to accept the VPN conditions).
- When you've successfully connected, you'll see a message that says 'Connected to vpn.monash.edu.' in the application popup.
When you've finished using the Monash VPN, click Disconnect.