Using the OpenConnect Client on Linux for Clemson VPN
Estimated Reading Time: 3 MinutesMany flavors of Linux and BSD may be able to connect to the Clemson VPN using the OpenConnect VPN client. While not officially supported, we have had good results using the OpenConnect client. Below is a basic guide to setting up the OpenConnect client.
For more detailed information on OpenConnect, their web site can be found at:
http://www.infradead.org/openconnect.html
Here are some examples of how to configure the OpenConnect client for Linux. Our example will show Ubuntu and Fedora. For installing other distributions, see the OpenConnect website or your distribution’s documentation.
-
First install the network-manager-openconnect package and its dependencies. This will vary depending on the distribution of Linux you are running. In Ubuntu this would be something like
sudo apt-get install network-manager-openconnect
. In Fedora this would be something likesudo yum install network-manager-openconnect
. Since Linux is subject to constant change, Google is always your friend here. -
Once OpenConnect has been installed please reboot your system. Their have been reported issues where the client initially failed to work until the system was rebooted.
-
Next, open the Network Manager (upper right hand corner of the screen) and click Configure VPN as below.
-
Click Add in the new window.
-
Select the Cisco AnyConnect Compatible VPN (OpenConnect) and click Create.
-
Fill in the Connection name with a meaningful name like "Clemson VPN". The Gatewayfield should be cuvpn.clemson.edu. The User name should be your clemson username. Then click Apply
-
There should now be a "Clemson VPN" connection under your Network Manager’s "VPN Connections".
-
Click the button to the right of the VPN hostname to connect. Then enter your Clemson username and password when prompted.
-
Click OK to accept the certificate from the VPN. This should only happen the first time you connect.
Thats it! You should now be connected to the Clemson VPN. Use the network manager to disconnect when you are done with your session.
Optional Commands for Troubleshooting VPN Connections
Some helpful commands for advanced users are ifconfig
and route
. Use the ifconfig
command in a terminal window. Look for the tun0
interface. This is your current VPN connection information.
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.23.192.213 P-t-P:172.23.192.213 Mask:255.255.248.0
UP POINTTOPOINT RUNNING NOARP MULTICAST MTU:1406 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 frame:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0B) TX bytes:0 (0.0B)
You may also want to issue the route -n
command from a terminal. This will show you the local routing table on your machine. Look for something similar to the following line. The 0.0.0.0
means the local machine is sending all traffic across the "tun0
" interface (the VPN tunnel to Clemson).
Destination |
Gateway |
Genmask |
Flags |
Metric |
Ref |
Use |
Iface |
0.0.0.0 |
0.0.0.0 |
0.0.0.0 |
U |
0 |
0 |
0 |
tun0 0.0.0.1 |