|These instructions do not work for Duo, two-factor, authentication. There are reports Openconnect does not work with MIT's Duo authentication system at all. These reports have not been verified nor has IS&T tested Openconnect with MIT Duo. IS&T does not support Openconnect.|
|Use Official Cisco Clients|
IS&T strongly recommends that you use the Cisco clients to connect to the VPN. They have been tested and should work on all supported operating systems. By visiting http://vpn.mit.edu in your web browser, you can download and connect using the official Cisco AnyConnect Secure Mobility Client.
- openconnect is only available in Ubuntu 9.10 (Karmic) and higher. We strongly urge you to use Ubuntu 10.04 (Lucid), as it contains the newest version of the openconnect client, which fixes a number of bugs from previous versions.
On current versions of Ubuntu Lucid, you must reboot the workstation after installing the network-manager-openconnect package. This is due to a bug in the package's configuration scripts. Failure to reboot will result in the misleading error "No VPN secrets" when attempting to connect to the VPN, and the login dialog box will not be displayed.
- Be sure you have installed the network-manager-openconnect package and its dependencies.
- From the System menu, select Preferences, then Network Connections.
- Click on the VPN tab, and then click the Add button.
- When prompted to choose a VPN Connection Type, select Cisco AnyConnect Compatible VPN, and click Create...
- Assign the connection a useful Connection name such as MIT VPN
- For Gateway, enter vpn.mit.edu
- For User name, enter your MIT username (e.g. joeuser)
- All other settings should be left at their default values. Click Apply.
- Click on the NetworkManager icon in the notification area, select VPN Connections, and then select the VPN connection you just configured.
- After a moment, you should be prompted for your username and password, and the connection will be established.
To disconnect from the VPN, select the NetworkManager icon in the notification area, select VPN Connections, and then select Disconnect VPN...
- Be sure you have installed the openconnect and vpnc packages.
- Become root.
- Run openconnect -s /etc/vpnc/vpnc-script vpn.mit.edu
You will be prompted for your MIT username and password, and then the VPN client will connect.
Once connected, you will have an IP address that begins with 18.100
To disconnect, simply press Ctrl-C to end the openconnect program.
We have tried this in 11.10 64-bit and it does work:
Install openconnect with the command sudo apt-get install network-manager-openconnect. From dash, run Network Connections. Create the vpn connection as described in the section above.
If this works, you get an extra tab in the Network Connections app that says "vpn". Then add and use the settings vpn.mit.edu and accept / save the certificate when you try to connect.
Note that the 32-bit installer (vpnsetup.sh) seems to work fine on 32-bit 11.10 - so use that as the first resort.