
Connect To VPN Server using Cisco AnyConnect on Linux


This quick guide shows you how to connect to your VPN server using the Cisco AnyConnect application from the command line. If you’re not a fan of using the terminal, no worries – you might prefer the graphical desktop version of AnyConnect, which we covered in our earlier installation guide.

Original content from computingforgeeks.com - post 40360

This setup requires the AnyConnect Client application to be installed. Refer to our guide in the link below for the steps required.

Connect To VPN Server with Cisco AnyConnect from CLI

If you used the installation method covered in our guide, the vpn script used to connect, disconnect, and check the status of VPN is located in the directory below.

$ ls -lh /opt/cisco/anyconnect/bin/
total 3.7M
-rwxr-xr-x. 1 root root  14K Dec 13 03:26 acinstallhelper
-rwxr-xr-x. 1 root root 783K Dec 13 03:26 acwebhelper
-rwxr-xr-x. 1 root root  688 Dec 13 03:26 anyconnect_uninstall.sh
-rwxr-xr-x. 1 root root  315 Dec 13 03:26 load_tun.sh
-rwxr-xr-x. 1 root root 506K Dec 13 03:26 manifesttool
drwxr-xr-x. 2 root root 4.0K Dec 13 03:26 plugins
-rwxr-xr-x. 1 root root  76K Dec 13 03:26 vpn
-rwxr-xr-x. 1 root root 999K Dec 13 03:26 vpnagentd
-rwxr-xr-x. 1 root root 418K Dec 13 03:26 vpndownloader
-rwxr-xr-x. 1 root root 398K Dec 13 03:26 vpndownloader-cli
-rwxr-xr-x. 1 root root 487K Dec 13 03:26 vpnui
-rwxr-xr-x. 1 root root 9.2K Dec 13 03:26 vpn_uninstall.sh

Check the vpn connection script command options:

$ /opt/cisco/anyconnect/bin/vpn --help

    Usage: vpn [options] | [cmd] [host]

       options:
            -h         Print this usage statement.
            -v         Print version.
            -s         Read commands from response file to work non-interactively.
                       Example: vpn -s < response.txt

       commands: [connect|disconnect|hosts|state|stats]

Here is a connection example:

/opt/cisco/anyconnect/bin/vpn -s connect 192.168.10.10

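In this example the server is addressed by IP, so AnyConnect warns that the certificate does not match the server name. Accept the untrusted connection when prompted, provided you know why the warning appears, and then enter your VPN username and password.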

Copyright (c) 2004 - 2019 Cisco Systems, Inc.  All Rights Reserved.


  >> state: Disconnected
  >> state: Disconnected
  >> notice: Ready to connect.
  >> registered with local VPN subsystem.
  >> contacting host (192.168.10.10) for login information...
  >> notice: Contacting 192.168.10.10.
AnyConnect cannot verify server: 192.168.10.10
    - Certificate does not match the server name.
Connecting to this server may result in a severe security compromise!

Most users do not connect to untrusted servers unless the reason for the error condition is known.

Connect Anyway? [y/n]: y
>> Please enter your username and password.

Username: [jmutai] 
Password: 
Second Password: 

The connection should be initiated if correct credentials were provided.

>> state: Connecting
  >> notice: Establishing VPN session...
The AnyConnect Downloader is analyzing this computer. Please wait...
Initializing the AnyConnect Downloader...
The AnyConnect Downloader is performing update checks...
  >> notice: The AnyConnect Downloader is performing update checks...
  >> notice: Checking for profile updates...
  >> notice: Checking for product updates...
The AnyConnect Downloader updates have been completed.
Please wait while the VPN connection is established...
  >> notice: Checking for customization updates...
  >> notice: Performing any required updates...
  >> notice: The AnyConnect Downloader updates have been completed.
  >> state: Connecting
  >> notice: Establishing VPN session...
  >> notice: Establishing VPN - Initiating connection...
  >> notice: Establishing VPN - Examining system...
  >> notice: Establishing VPN - Activating VPN adapter...
  >> notice: Establishing VPN - Configuring system...
  >> notice: Establishing VPN...
  >> state: Connected

Check VPN Connection status:

$ /opt/cisco/anyconnect/bin/vpn state 
Cisco AnyConnect Secure Mobility Client (version 4.7.01076) .

Copyright (c) 2004 - 2019 Cisco Systems, Inc.  All Rights Reserved.


  >> state: Connected
  >> state: Connected
  >> state: Connected
  >> registered with local VPN subsystem.
VPN> 

To pull connection stats, use:

/opt/cisco/anyconnect/bin/vpn stats

Disconnecting VPN

To disconnect from VPN, use the command:

/opt/cisco/anyconnect/bin/vpn -s disconnect 192.168.10.11

Replace 192.168.10.11 with your VPN server IP address.

Automating VPN connection from CLI

If you want a script to automate the connection, first create a credentials file.

$ vim ~/.vpn_creds
username
Password
y

Set your VPN username and password in the file; the vpn command reads its lines as the answers to its prompts. Then create a script file like the one below.

$ vim vpn_connect.sh
#!/bin/bash

# VPN server to connect to
VPN_SERVER="192.168.10.10"

echo "Connecting to VPN.."
# -s reads the prompt answers from the credentials file on stdin
/opt/cisco/anyconnect/bin/vpn -s connect "${VPN_SERVER}" < ~/.vpn_creds

Make the script executable.

chmod +x vpn_connect.sh

Run the script to connect to your VPN server.

$ ./vpn_connect.sh
Connecting to VPN..
Cisco AnyConnect Secure Mobility Client (version 4.7.01076) .

Copyright (c) 2004 - 2019 Cisco Systems, Inc.  All Rights Reserved.


  >> state: Disconnected
  >> state: Disconnected
  >> notice: Ready to connect.
  >> registered with local VPN subsystem.
  >> contacting host (192.168.10.10) for login information...
  >> notice: Contacting 192.168.10.10.

  >> Please enter your username and password.

Username: [jkmutai] jmutai
Password: 
  >> state: Connecting
  >> notice: Establishing VPN session...
The AnyConnect Downloader is analyzing this computer. Please wait...
Initializing the AnyConnect Downloader...
The AnyConnect Downloader is performing update checks...
  >> notice: The AnyConnect Downloader is performing update checks...
  >> notice: Checking for profile updates...
  >> notice: Checking for product updates...
  >> notice: Checking for customization updates...
The AnyConnect Downloader updates have been completed.
  >> notice: Performing any required updates...
Please wait while the VPN connection is established...
  >> notice: The AnyConnect Downloader updates have been completed.
  >> state: Connecting
  >> notice: Establishing VPN session...
  >> notice: Establishing VPN - Initiating connection...
  >> notice: Establishing VPN - Examining system...
  >> notice: Establishing VPN - Activating VPN adapter...
  >> notice: Establishing VPN - Configuring system...
  >> notice: Establishing VPN...
  >> state: Connected

You’re now securely connected to your corporate network using the AnyConnect VPN client.
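
The credentials file used above holds the VPN password in plain text, so a wrapper can refuse to use it unless only its owner can access it. The script below is an added example, not part of the original guide; the names check_creds, vpn_connect and vpn_connect_checked.sh are hypothetical, and it assumes GNU stat as shipped on Linux.

```bash
#!/bin/bash
# Added example (not from the original guide): check the credentials file
# before handing it to the AnyConnect CLI.

VPN_BIN="/opt/cisco/anyconnect/bin/vpn"   # path from the directory listing above
VPN_SERVER="192.168.10.10"                # sample address used in this guide

# check_creds FILE (hypothetical helper)
# Returns 0 when FILE is a regular file (not a symlink), owned by the
# current user, with no permission bits for group or others.
# Returns 1 (missing/not regular), 2 (wrong owner) or 3 (mode too open).
check_creds() {
    local f="$1" mode owner
    [ -f "$f" ] && [ ! -L "$f" ] || {
        echo "creds: $f is missing or not a regular file" >&2; return 1; }
    owner=$(stat -c '%u' "$f") || return 1    # numeric owner uid (GNU stat)
    mode=$(stat -c '%a' "$f") || return 1     # octal mode, e.g. 600
    [ "$owner" = "$(id -u)" ] || {
        echo "creds: $f is not owned by the current user" >&2; return 2; }
    case "$mode" in
        [0-7]00) ;;                           # owner-only, e.g. 600 or 400
        *) echo "creds: $f has mode $mode; run: chmod 600 $f" >&2; return 3 ;;
    esac
}

# vpn_connect [FILE] (hypothetical helper)
# Connects only if the credentials file passes check_creds.
vpn_connect() {
    local creds="${1:-$HOME/.vpn_creds}"
    check_creds "$creds" || return
    "$VPN_BIN" -s connect "$VPN_SERVER" < "$creds"
}

# Run as: ./vpn_connect_checked.sh connect [creds-file]
if [ "${1:-}" = "connect" ]; then
    vpn_connect "${2:-}"
fi
```

A file created with the default umask is usually mode 644 and is rejected with return code 3 until it is restricted to its owner.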


7 thoughts on “Connect To VPN Server using Cisco AnyConnect on Linux”

  1. Hey Mutai,
    Getting this error,

    >> state: Connecting
    >> notice: Establishing VPN session…
    The AnyConnect Downloader is analyzing this computer. Please wait…
    The AnyConnect Downloader is performing update checks…
    >> notice: The AnyConnect Downloader is performing update checks…
    >> notice: Checking for profile updates…
    Failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway. Contact your system administrator.
    >> notice: Connection attempt has failed.
    >> error: AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again.
    >> state: Disconnected
