Cisco AnyConnect Client is an SSL VPN client which provides VPN functionalities with other features that enable an enterprise to secure its endpoints. In an ideal use case, you’ll use Cisco AnyConnect Secure Mobility Client to connect to a Cisco SSL VPN server. There is an open source creation called OpenConnect. We have a guide on how to connect to VPN Server with OpenConnect SSL VPN Client on Linux.
I encountered so many issues with OpenConnect and decided to give AnyConnect a try. Follow the steps provided in the next sections to install and configure AnyConnect VPN client on a Linux system – Ubuntu/Debian/Fedora/CentOS/RHEL e.t.c.
Step 1: Download AnyConnect Client
AnyConnect client for Linux, Windows and macOS is available on Downloads page . Login with your Cisco account credentials and download the latest anyconnect-linux64* package.
Once the archive file is downloaded, proceed to extract it.
$ tar xvf anyconnect-linux64-4.7.01076-predeploy-k9.tar.gz
Step 2: Install Cisco AnyConnect on Ubuntu / Debian / Fedora
Now that file has been downloaded and extracted, cd to created folder.
You should see below folders.
$ ls dart nvm posture vpn
Navigate to vpn directory and execute vpn_install.sh script with sudo.
Accept License when prompted.
Description of Other Rights and Obligations Please refer to the Cisco Systems, Inc. End User License Agreement. http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html Do you accept the terms in the license agreement? [y/n] y
The installer script will create a systemd service unit file and enable it to start at boot.
You have accepted the license agreement. Please wait while Cisco AnyConnect Secure Mobility Client is being installed... install systemd Installing ./vpnagentd.service Created symlink /etc/systemd/system/multi-user.target.wants/vpnagentd.service → /usr/lib/systemd/system/vpnagentd.service. Starting Cisco AnyConnect Secure Mobility Client Agent... Done!
Step 3:Launch Cisco AnyConnect
For CLI connection, check:
For Desktop, launch Cisco AnyConnect Secure Mobility Client from your Desktop.
Input VPN server IP address and hit connect key. Then click on change settings to trust the server.
Uncheck “Block Connections to untrusted servers“.
After the change, your settings should look similar to below.
Then Click “Connect Anyway” to accept untrusted certificate warning.
When prompted to enter login credentials, input your username and password to be connected.
Your VPN connection should be active. Confirm connection by checking IP address details and routes.
$ ip addr $ ip route
Enjoy using AnyConnect to access your private networks securely over public internet.