Engineering-Tech Wiki

User Tools

Site Tools

You are here: start » auth » howto » linux » vpnclient
Trace:
auth:howto:linux:vpnclient

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
auth:howto:linux:vpnclient [2022/05/03 10:55] kohoferauth:howto:linux:vpnclient [2022/06/20 11:40] (current) kohofer
Line 381: Line 381:
 Per-user configuration is stored in your home directory in a file called .anyconnect Per-user configuration is stored in your home directory in a file called .anyconnect
  
-====== Install openconnect-sso macOS ======+====== Install openconnect-sso macOS with SAML ====== 
 + 
 +If you don't want to use Cisco Anyconnect on the Apple Mac, you can install openconnect 
 +and openconnect-sso for using SAML! 
 + 
 +**Requirements**: Python3
  
 Install brew Install brew
-/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"+  /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  
 Install openconnect and pipx Install openconnect and pipx
-brew install openconnect pipx +  brew install openconnect pipx 
-pipx ensurepath+  pipx ensurepath
  
 Install pipx Install pipx
-pip install --user pipx+  pip install --user pipx
  
 Install openconnect-sso Install openconnect-sso
-pipx install "openconnect-sso[full]" +  pipx install "openconnect-sso[full]" 
-pipx ensurepath+  pipx ensurepath
  
 Launch openconnect-sso Launch openconnect-sso
-/Users/user/.local/bin/openconnect-sso -server vpn.scientificnet.org/saml --user kohofer@unibz.it+  /Users/user/.local/bin/openconnect-sso --server vpn.scientificnet.org/saml 
 + 
 +<code> 
 +... 
 +... 
 +[info     ] Loading page                   [webengine] url=https://vpn.scientificnet.org/+CSCOE+/saml/sp/login?tgname=ScientificNetworkSouthTyrol-SAML&acsamlcap=v2 
 +[info     ] Terminate requested.           [webengine]  
 +[info     ] Exiting browser                [webengine]  
 +[info     ] Browser exited                 [openconnect_sso.browser.browser]  
 +[info     ] Response received              [openconnect_sso.authenticator] id=success message= 
 +[sudo] password for <local-username>: 
 + 
 +Connected to 193.106.xxx.xxx:443 
 +SSL negotiation with vpn.scientificnet.org 
 +Server certificate verify failed: signer not found 
 +Connected to HTTPS on vpn.scientificnet.org 
 +Got CONNECT response: HTTP/1.1 200 OK 
 +CSTP connected. DPD 30, Keepalive 20 
 +Connected as 172.xx.xx.xx + 2a02:27e8:10:741:0:dacc:0:2/64, using SSL, with DTLS in progress 
 +Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM). 
 +Error: any valid prefix is expected rather than "dev"
 + 
 +</code> 
 + 
 +A browser-window will ask for your username and password, next it will ask for the PIN which you need 
 +to generate with an Authenticator! 
 + 
 +Last thing to enter is the sudo password to enable the network interface. 
 + 
 +====== Install openconnect-sso Ubuntu with SAML ====== 
 + 
 +Requirements: 
 + 
 +  sudo apt install python3.8-venv openconnect 
 + 
 +  pip install --user pipx 
 +  pipx install "openconnect-sso[full]" 
 +  pipx ensurepath 
 + 
 +Launch openconnect-sso 
 + 
 +  openconnect-sso --server vpn.scientificnet.org/saml 
 + 
 +A browser window will open, where it might ask for your 2FA/MFA, 
 +then it will ask for your sudo password to get the VPN interface up. 
 +Leave the command running as long as you need VPN. 
 + 
 +You can also add an ampersand (&) and the end of the command to put the command 
 +into background: 
 + 
 +  openconnect-sso --server vpn.scientificnet.org/saml & 
 + 
 + 
/data/www/wiki.inf.unibz.it/data/attic/auth/howto/linux/vpnclient.1651568129.txt.gz · Last modified: 2022/05/03 10:55 by kohofer