...
\uD83D\uDCD8 Instructions
Install OpenConnect:
The OpenConnect client is not usually pre-installed on most Linux distributions nor many other Unix-like operating systems. The exact package names can vary from distribution to distribution, but here are some common ones, along with their easy copy/paste install lines:Debian / Ubuntu and derivatives
sudo apt install openconnect
Fedora
sudo dnf install openconnect
Arch and derivatives
sudo pacman -S openconnect
pkgsrc (NetBSD / Multiple operating systems)
cd /usr/pkgsrc/net/openconnect && sudo make install clean clean-depends
pkgin (NetBSD / Multiple operating systems)
sudo pkgin install openconnect
OpenBSD
doas pkg_add openconnect
FreeBSD
sudo pkg install openconnect
Using your distribution’s package manager, install the package and proceed to Connect to the VPN.
Set up openconnect-sso
Directions shown in this section are for Debian / Ubuntu and derivatives.First update your packages and install the pre-requisites.
Code Block sudo apt-get update sudo apt-get install python3-pip python3-venv -y pip3 install --user pipx
Now ensure that
pipx
is in your path.which pipx
If there is no output from the command then continue to the next step. If you do get output skip to appending the correct entry into your path.
Find pipx in your local path.
Code Block user@host:~$ find ./ -iname \*pipx\* find: ‘./.dbus’: Permission denied find: ‘./.cache/dconf’: Permission denied find: ‘./.cache/doc’: Permission denied ./.local/lib/python3.6/site-packages/pipx-0.16.4.dist-info ./.local/lib/python3.6/site-packages/pipx ./.local/lib/python3.6/site-packages/pipx/pipx_metadata_file.py ./.local/lib/python3.6/site-packages/pipx/__pycache__/pipx_metadata_file.cpython-36.pyc ./.local/bin/pipx
Notice the last entry which is a file named
pipx
. If you found the entry from thefind
you can proceed to append the correct entry into your path. If no entry existed you would need to append this into your.bashrc
file (or whatever editor you use).Code Block user@host:~$ echo 'export PATH=${PATH}:~/.local/bin' >> ~/.bashrc
Next you must proceed append the correct entry into your path. For this example the entry we want is
./.local/bin/pipx
.Code Block user@host:~$ export PATH=${PATH}:~/.local/bin user@host:~$ which pipx .local/bin/pipx
Now install openconnect-sso.
pipx install "openconnect-sso[full]"
Connect to the VPN with openconnect-sso:
When you are ready to establish a connection you have to choose whether you want all traffic to go over your VPN (Full Tunnel
) or only traffic destined for WWU address space (Split Tunnel
).For
Full Tunnel
use:openconnect-sso --server remotevpn.wwu.edu/fullmfa --user $USERNAME@wwu.edu
For
Split Tunnel
use:openconnect-sso --server remotevpn.wwu.edu/splitmfa --user $USERNAME@wwu.edu
You will be prompted for your password. After this a window will pop up to request your second factor of authentication.
$USERNAME
is your WWU Universal Account username.Please be aware that this window will need to remain open for the tunnel to remain connected. Unfortunately
openconnect-sso
does not have a background flag the wayOpenConnect
does
...
Th content for this article was researched by the IT staff for the WWU Department of Computer Science, and appears here with their consent. You can access the original article here: Linux/BSD - OpenConnect — CS Support documentation (wwu.edu)
\uD83D\uDCCB Related articles
...