by

Cisco Anyconnect Opensuse



HOWTO connect to a company's VPN using the Cisco VPN client on linux

  1. Cisco Anyconnect Download
  2. Cisco Anyconnect Opensuse Software
  3. Cisco Anyconnect Linux
  4. Cisco Anyconnect Vpn Linux

Introduction

This HOWTO explains connecting to a VPN gateway over IPSec in 'cert auth mode' utilizing the Cisco VPN client. The 'cert auth mode' refers to the terms used in the vpnc man page, i.e. server + client certificates. The 'cert auth mode' has not been implemented for vpnc, otherwise we would just use vpnc and avoid the headache that follows. openconnect is another alternative, but it does not support IPSec, only HTTPS/SSL. This HOWTO is written with the aim to provide a single document to describe all the steps required, instead of having to search many different things on the Internet.

Open client for Cisco AnyConnect VPN: openSUSE Oss x8664 Official: openconnect-7.08-lp152.8.8.x8664.rpm: Open client for Cisco AnyConnect VPN: openSUSE Update Oss x8664 Official: openconnect-7.08-lp152.9.4.2.x8664.rpm: Open client for Cisco AnyConnect VPN. Compare Cisco AnyConnect alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Cisco AnyConnect in 2021. Compare features, ratings, user reviews, pricing, and more from Cisco AnyConnect competitors and alternatives in order to make an informed decision for your business.

This HOWTO was written from the perspective of an openSUSE 12.1 user, running a 3.1.10-1.9-desktop x86_64 kernel. The author does not claim to be an expert on any terms used, so if you find a mistake then please submit a patch.

Get the certificate provided by CompanyA

The company we are trying to connect to should provide us with some sort of a certificate, e.g. certificate.pfx. This type of certificate is a PKCS12 certificate which bundles the CA certificate for server authentication, the client/user certificate as well as the primary key. Save it somewhere on disk, e.g.:

Install and prepare kernel-source for our linux distro

In order to 'compile' (Cisco calls it 'install') the Cisco IPSec kernel module (see later section) we need the kernel sources for our distro. In openSUSE 12.1 do the following:

Make sure the version that will be installed is the same as the version we are currently running:

When the kernel-source has been installed, execute the following as root:

See http://forums.opensuse.org/english/get-technical-help-here/network-internet/445824-cisco-vpnclient-invalid-module-format.html.

Download, patch and install Cisco VPN client

Now that the kernel-source has been installed we can download, patch and install the Cisco VPN client with the following steps (as root):

Remember to specify the kernel-source directory as /usr/src/linux-<kernel-version>.

The module will be installed to /lib/modules/<kernel-version>/CiscoVPN/cisco_ipsec.ko.

See http://blog.hlavki.eu/2011/12/cisco-vpn-client-on-opensuse-121.html. Thanks a lot for that Michal Hlaváč!

Start the Cisco VPN daemon

The Cisco VPN client installation suggests starting the vpncclient_init service, so do it:

If we get errors such as:

then (1) we compiled/linked the module with the wrong kernel-source or (2) we forgot to symlink the Module.symvers file. We will have to repeat some of the steps above.

See http://forums.fedoraforum.org/showpost.php?p=405087&postcount=19.

Import provided certificate for use with Cisco VPN client

The provided PKCS12 certificate should now be imported. The following commands can be used (as root):

Supply the certificate filename, e.g. /tmp/certificate.pfx as well as the password with which the certificate is locked/encrypted. Next, enter a password that we will easily remember.

Anyconnect

View the imported certificate:

and provide the number of the corresponding certificate when asked. The certificate information will be displayed. Take note of the 'Subject' and 'Serial #' fields as they will be required in the next step.

Configure Cisco VPN client

Cisco Anyconnect Opensuse

Configure a profile for connecting to CompanyA. Let's call the profile 'CompanyA'. As root:

and change the following properties as follows:

Linux

Save the file.

Connect

The moment of truth has arrived. To connect to the VPN of CompanyA, simply execute:

assuming /usr/local/bin is in our PATH.

When prompted, provide the certificate password we chose in a previous step as well as our unique username and password that should also have been provided by CompanyA. We should now be connected.

Open client for Cisco AnyConnect VPN

This package provides a client for Cisco's 'AnyConnect' VPN, which usesHTTPS and DTLS protocols. AnyConnect is supported by the ASA5500 Series,by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, 2800, 3800,7200 Series and Cisco 7301 Routers, and probably others.

  • Version 7.08
  • Size 61.8 KB
  • openSUSE Leap 15.2
Direct Install Expert Download

Distributions

openSUSE Tumbleweed

8.10
2.25
8.10
7.08

Cisco Anyconnect Download

8.10
7.08.r334.g2d2da477
8.10
8.10
8.05

openSUSE Leap 15.2

7.08
8.10
8.05
8.05
8.10

openSUSE Backports for SLE 12 SP1

7.08

Unsupported distributions

The following distributions are not officially supported. Use these packages at your own risk.

SUSE:SLE-15:GA

7.08
8.10
7.08

Cisco Anyconnect Opensuse Software

7.08

openSUSE:Leap:15.0

8.10
7.08
7.08

openSUSE:Leap:15.1

8.10
8.10
7.08
7.08

Cisco Anyconnect Linux

openSUSE:Leap:42.2

7.06
7.06
7.08

openSUSE:Leap:42.3

7.06
7.08

openSUSE:Leap:42.1

Cisco Anyconnect Vpn Linux

7.08
7.06

openSUSE:13.2

7.08
6.00

openSUSE:12.3

3.99
4.08
Opensuse

openSUSE:13.1

4.08

openSUSE:12.2

3.15
3.20

openSUSE:12.1

4.08
3.11

openSUSE:11.3

3.11

Intel:Moblin2

1.00

SUSE:SLE-12:SLE-Module-Toolchain

7.08