This document describes a configuration example for Adaptive Security Appliance (ASA) Cisco AnyConnect Secure Mobility Client access that uses client certificate for authentication for a Linux Operative System (OS) for an AnyConnect user to connect successfully to an ASA Headend. I've been using it since December 2015 as a CISCO AnyConnect client on Ubuntu and it's worked solidly for me. The CISCO client is outdated, clunky, had known vulnerabilities, and required 32-bit compatibility libraries to run on 64-bit Linux.
- Cisco Anyconnect 4.5 Download
- Cisco Anyconnect Linux Smart Card
- Cisco Anyconnect Client Download Linux
- Cisco Anyconnect Linux Cli
Objective
The objective of this article is to guide you through installing, using, and the option of uninstalling AnyConnect VPN Client v4.9.x on Ubuntu Desktop.
Introduction
The Cisco AnyConnect Virtual Private Network (VPN) Mobility Client provides remote users with a secure VPN connection. It provides the benefits of a Cisco Secure Sockets Layer (SSL) VPN client and supports applications and functions unavailable to a browser-based SSL VPN connection. Commonly used by remote workers, AnyConnect VPN lets employees connect to the corporate network infrastructure as if they were physically at the office, even when they are not. This adds to the flexibility, mobility, and productivity of your workers. Cisco AnyConnect is compatible with Windows 7, 8, 8.1, and 10, Mac OS X 10.8 and later, and Linux Intel (x64).
Follow the steps in this article to install the Cisco AnyConnect VPN Mobility Client on a Ubuntu Desktop. In this article, Ubuntu version 20.04 is used.
If you are using a Windows computer, click here to view an article on how to install AnyConnect on Windows.
If you are using a Mac computer, click here to view an article on how to install AnyConnect on Mac.
AnyConnect Software Version
- AnyConnect - v4.9.x (Download latest)
Table of Contents
Installing AnyConnect Secure Mobility Client v4.9.x
Step 1
Download the AnyConnect Pre-Deployment Package for Linux from Cisco Software Downloads.
The latest release at the time of publication was 4.9.01095.
Step 2
Open the Terminal by pressing Ctrl+Alt+T on your keyboard. To navigate to the folder where you have downloaded the AnyConnect Client Package, use the command, ‘cddirectory name’. For more information on the ‘cd’ command, click here.
In this example, the file is placed on the Desktop.
The directory may be different based on the location of the AnyConnect file download. For long filenames or paths, start typing some characters and press the tab key on your keyboard. The filename will auto-populate. If it doesn't even after you press tab twice, it indicates that you need to type more number of unique characters. Alternately, you can use the 'ls' command to list the files in your current directory.
Step 3
The initial download is a tarball archive (several files packed into one), which must be extracted. The command ‘tar xvffilename’ will extract the contents to the same directory in which the initial file is located.
For more information on the ‘tar’ command, click here.
Step 4
Once the folder is extracted, use the ‘cddirectory name’ command again to navigate into the folder.
Cisco Anyconnect 4.5 Download
cd [Directory Name]
Step 5
After navigating into the main folder, ‘cd’ into the vpn sub-folder.
Step 6
To run the AnyConnect install script, type ‘sudo ./vpn_install.sh’. This will begin the installation process using superuser permissions.
sudo ./vpn_install.sh
For more details on the 'sudo' command, click here.
Step 7
Accept the terms in the license agreement to complete the installation by typing ‘y’.
The AnyConnect installation should complete, and the Terminal window can be closed.
Using AnyConnect Secure Mobility Client v4.9.x
Step 1
To access the Anyconnect app, open the Terminal by pressing Ctrl+Alt+T on your keyboard. Use the command, ‘/opt/cisco/anyconnect/bin/vpnui’.
/opt/cisco/anyconnect/bin/vpnui
If you encounter any errors through the Terminal, you can access the app from the applications menu as shown below.
To access the applications menu using the User Interface (UI), click on the start icon (appears as nine dots on the lower left corner). Choose the Anyconnect app.
Alternatively, press Super+A (Super key is the windows icon key) on your keyboard to bring up the search bar. Start typing 'Anyconnect' and the app will appear.
Step 2
Click on the Anyconnect app.
Step 3
Enter the IP Address or Hostname of your desired server followed by the port number.
For RV340 family, the default port number is 8443.
Step 4
Some connections may not be secure using a trusted SSL certificate. By default, AnyConnect Client will block connection attempts to these servers.
Uncheck Block connections to untrusted servers to connect to these servers.
Uninstalling AnyConnect Secure Mobility Client v4.9.x
Step 1
Using Terminal, navigate to the folder that contains the uninstall shell script using the ‘cd’ command.
Neat scanner driver mac download. In a default installation, these files will be located in /opt/cisco/anyconnect/bin/.
Step 2
To run the Anyconnect uninstall script, enter ‘sudo ./vpn_uninstall.sh’
This will begin the uninstall process using superuser permissions. For more information on the 'sudo' command, click here.
Step 3
At the prompt, enter the sudo password and the client software will complete uninstallation.
Conclusion
There you have it! You have now successfully learned the steps to install, use, and uninstall the Cisco AnyConnect Secure Mobility Client v4.9.x on Ubuntu Desktop.
For community discussions on Site-to-Site VPN, go to the Cisco Small Business Support Community page and do a search for Site-to-Site VPN.
AnyConnect App
Cisco Anyconnect Linux Smart Card
The Anyconnect App can be downloaded from the Google Play store or the Apple store.
Additional Resources
Skip to end of metadataGo to start of metadataAnyConnect Support for Linux
Cisco AnyConnect Secure Mobility Client 4.0 supports the following versions of Linux operating system:
- Red Hat 6 (64-bit)
- Ubuntu 12.x (64-bit)
***The AnyConnect GUI is not supported on all Linux distributions. When the GUI is supported, it's appearance is the same as the AnyConnect version 2.5 GUI.
Linux Requirements
- x86 instruction set.
- 64-bit processor.
- 32 MB RAM.
- 20 MB hard disk space.
- Superuser privileges are required for installation.
- libstdc++ users must have libstdc++.so.6(GLIBCXX_3.4) or higher, but below version 4.
- Java 5 (1.5) or later. The only version that works for web installation is Sun Java. You must install Sun Java and configure your browser to use that instead of the default package.
- zlib - to support SSL deflate compression
- xterm - only required if you're doing initial deployment of AnyConnect via Weblaunch from ASA clientless portal.
- gtk 2.0.0. .
- gdk 2.0.0.
- libpango 1.0.
- iptables 1.2.7a or later.
- tun module supplied with kernel 2.4.21 or 2.6.
Cisco Anyconnect Client Download Linux
AnyConnect Installation Instructions for Linux
- Go to https://ramsvpn.vcu.edu and login using your VCU eID and password, and preferred DUO two factor authentication method.
- Click the AnyConnect VPN link to download the installer file.
- Save the AnyConnect installer package to your local computer.
- Find the file downloaded named vpnsetup.sh.
To run the shell executable file named vpnsetup.sh: Open a terminal window and change directories to the directory where vpnsetup.sh is saved, and then type:
Free download driver printer hp laserjet p1006 for mac. sudo sh vpnsetup.sh
- Open AnyConnect. Enter ramsvpn.vcu.edu in the connection bar. Enter your eID and password. Second Password depends on your preferred 2nd factor authentication option (see Authentication Options). Click “Connect”.
- Click “Accept”.
ATTENTION:
Cisco Anyconnect Linux Cli
There are known issues with the Cisco AnyConnect client on various Linux distros. For this reason, we suggest using OpenConnect for Linux. OpenConnect is free and open source SSL VPN client software initially created to support Cisco's AnyConnect SSL VPN.