Access Keys:
Skip to content (Access Key - 0)

Q: How can I connect to the MIT VPN using openconnect on Linux?


Use Official Cisco Clients
IS&T strongly recommends that you use the Cisco clients to connect to the VPN. They have been tested and should work on all supported operating systems. By visiting in your web browser, you can download and connect using the official Cisco AnyConnect Secure Mobility Client.

IS&T has received reports that the latest Cisco AnyConnect client on Linux falsely claims it cannot verify as a secure server. If you encounter this, it is due to AnyConnect making use of your Firefox profile to access the root certificate store. You can solve the issue by launching Firefox (which will create a profile), and then quitting it. We are in the process of escalating this issue to Cisco.

System Requirements

  • openconnect is only available in Ubuntu 9.10 (Karmic) and higher. We strongly urge you to use Ubuntu 10.04 (Lucid), as it contains the newest version of the openconnect client, which fixes a number of bugs from previous versions.

Network Manager

On current versions of Ubuntu Lucid, you must reboot the workstation after installing the network-manager-openconnect package. This is due to a bug in the package's configuration scripts. Failure to reboot will result in the misleading error "No VPN secrets" when attempting to connect to the VPN, and the login dialog box will not be displayed.

  1. Be sure you have installed the network-manager-openconnect package and its dependencies.
  2. From the System menu, select Preferences, then Network Connections.
  3. Click on the VPN tab, and then click the Add button.
  4. When prompted to choose a VPN Connection Type, select Cisco AnyConnect Compatible VPN, and click Create...
  5. Assign the connection a useful Connection name such as MIT VPN
  6. For Gateway, enter
  7. For User name, enter your MIT username (e.g. joeuser)
  8. All other settings should be left at their default values. Click Apply.
  9. Click on the NetworkManager icon in the notification area, select VPN Connections, and then select the VPN connection you just configured.
  10. After a moment, you should be prompted for your username and password, and the connection will be established.

To disconnect from the VPN, select the NetworkManager icon in the notification area, select VPN Connections, and then select Disconnect VPN...


  1. Be sure you have installed the openconnect and vpnc packages.
  2. Become root.
  3. Run openconnect -s /etc/vpnc/vpnc-script
    You will be prompted for your MIT username and password, and then the VPN client will connect.
    Once connected, you will have an IP address that begins with 18.100

To disconnect, simply press Ctrl-C to end the openconnect program.

11.10 (oneiric ocelot) 64-bit Notes

We have tried this in 11.10 64-bit and it does work:

Install openconnect with the command sudo apt-get install network-manager-openconnect. From dash, run Network Connections. Create the vpn connection as described in the section above.

If this works, you get an extra tab in the Network Connections app that says "vpn". Then add and use the settings and accept / save the certificate when you try to connect.

Note that the 32-bit installer ( seems to work fine on 32-bit 11.10 - so use that as the first resort.


Documentation and information provided by the MIT Community

Last Modified:

July 31, 2014

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
debathena debathena Delete
1110 1110 Delete
oneiric oneiric Delete
ocelot ocelot Delete
vpn vpn Delete
cisco cisco Delete
anyconnect anyconnect Delete
c-vpn c-vpn Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
This product/service is:
Easy to use
Difficult to use

This article is:
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki