Getting UCI VPN (Cisco AnyConnect) going with Ubuntu 10.04 (either 32 or 64-bit)

OIT has a good general instruction page on setting up the Cisco AnyConnect VPN client software for Linux, but owing to Ubuntu's Network Manager infrastructure being so different, I got tripped up in a couple of places and thought I'd pass on some tips for those who have Ubuntu and want to connect into UCI's VPN.

Summary: I found⁽¹⁾ i could get neither the Cisco AnyConnect client nor the Linux Network Manager openconnect plugins to work by themselves, but with both installed, i can use UCI's VPN.

Here's what worked for me:

1. Install Cisco AnyConnect client licensed to UCI
   1. Go to UCI'S Software licenses page
   2. type vpn in the Free-form query box and hit Go!
      You should be taken to a page for VPN Client by Cisco
   3. Look down to the UCI only information section.
   4. If you're not logged in, click on the Please login... link
   5. Select Linux 32-bit or Linux 64-bit, depending on your system, and click Download my choice
   6. Now, supposing you downloaded this to ~/Downloads, open a terminal and..
      

      cd ~/Downloads
      tar zxvf anyconnect-<version>.tar.gz
      cd ciscovpn
      sudo ./vpn_install.sh
      

2. Install Ubuntu Network Manager plugins

   in a terminal, type:

   sudo apt-get install network-manager-openconnect

   (or install via Synaptic)

3. Configure a NetworkManager VPN profile for UCI

   Network Manager icon in your System Tray on your desktop:
   

   1. left-click on the Network manager icon in your system tray, and choose VPN Connections->Configure VPN⁽²⁾
   2. click Add
   3. choose Cisco AnyConnect Compatible VPN (openconnect) and click Create
   4. Connection name: anything you want, e.g., UCI.
   5. Gateway: vpn.nacs.uci.edu
   6. User name: leave blank.
   7. hit Apply and then Close
4. Install GoDaddy Certificates

   Go to ftp://ftp.uci.edu/linux-anyconnect-cert-fix/ and follow the instructions in the README.

5. Connect/Disconnect

   (From now on, all you should have to do is this section any time you want to connect.)

   1. left-click on Network Manager icon in your system try and choose VPN Connections->UCI (or whatever you named your connection).
   2. click on the "plug" icon to the right of the vpn.nacs.uci.edu, which by its greyed-out appearance would seem to be inactive.
      

      

   3. choose your Group. this corresponds to the VPN Connection Tunnels documented on UCI's VPN-for-Linux page. (for better speed when making non-uci connections, i usually just choose the UCI split tunnel group).
   4. fill in Username and Password with your UCINETID credentials
   5. click Login

      now all your connections to UCI (web, ssh, ftp, etc.) will be through the VPN until you disconnect.

   6. when you're done using the UCI VPN, just left-click on Network Manager icon in your system try and choose VPN Connections->Disconnect VPN.

Please let me know (ucinetid: jas) if you got different mileage, or if you just have suggestions for improvement of this page. Thank you.

Footnotes

⁽¹⁾ ..thanks to a page at Georgia Tech, from which this page is adapted

⁽²⁾ or from the menu, click System->Preferences->Network Connections and select the VPN tab.