Engineering-Tech Wiki

User Tools

Site Tools

You are here: start » auth » howto » linux » vpnclient
Trace:
auth:howto:linux:vpnclient

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
auth:howto:linux:vpnclient [2022/05/06 09:41] – [Install openconnect-sso macOS with SAML] kohoferauth:howto:linux:vpnclient [2022/06/20 11:40] (current) kohofer
Line 403: Line 403:
  
 Launch openconnect-sso Launch openconnect-sso
-  /Users/user/.local/bin/openconnect-sso --server vpn.scientificnet.org/saml --user <username>@<domain+  /Users/user/.local/bin/openconnect-sso --server vpn.scientificnet.org/saml 
-  + 
 +<code> 
 +... 
 +... 
 +[info     ] Loading page                   [webengine] url=https://vpn.scientificnet.org/+CSCOE+/saml/sp/login?tgname=ScientificNetworkSouthTyrol-SAML&acsamlcap=v2 
 +[info     ] Terminate requested.           [webengine]  
 +[info     ] Exiting browser                [webengine]  
 +[info     ] Browser exited                 [openconnect_sso.browser.browser]  
 +[info     ] Response received              [openconnect_sso.authenticator] id=success message= 
 +[sudo] password for <local-username>
 + 
 +Connected to 193.106.xxx.xxx:443 
 +SSL negotiation with vpn.scientificnet.org 
 +Server certificate verify failed: signer not found 
 +Connected to HTTPS on vpn.scientificnet.org 
 +Got CONNECT response: HTTP/1.1 200 OK 
 +CSTP connected. DPD 30, Keepalive 20 
 +Connected as 172.xx.xx.xx + 2a02:27e8:10:741:0:dacc:0:2/64, using SSL, with DTLS in progress 
 +Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM). 
 +Error: any valid prefix is expected rather than "dev"
 + 
 +</code
 A browser-window will ask for your username and password, next it will ask for the PIN which you need A browser-window will ask for your username and password, next it will ask for the PIN which you need
 to generate with an Authenticator! to generate with an Authenticator!
  
 Last thing to enter is the sudo password to enable the network interface. Last thing to enter is the sudo password to enable the network interface.
 +
 +====== Install openconnect-sso Ubuntu with SAML ======
 +
 +Requirements:
 +
 +  sudo apt install python3.8-venv openconnect
 +
 +  pip install --user pipx
 +  pipx install "openconnect-sso[full]"
 +  pipx ensurepath
 +
 +Launch openconnect-sso
 +
 +  openconnect-sso --server vpn.scientificnet.org/saml
 +
 +A browser window will open, where it might ask for your 2FA/MFA,
 +then it will ask for your sudo password to get the VPN interface up.
 +Leave the command running as long as you need VPN.
 +
 +You can also add an ampersand (&) and the end of the command to put the command
 +into background:
 +
 +  openconnect-sso --server vpn.scientificnet.org/saml &
 +
 +
 +
/data/www/wiki.inf.unibz.it/data/attic/auth/howto/linux/vpnclient.1651822866.txt.gz · Last modified: 2022/05/06 09:41 by kohofer