openconnect (Open Source/Free version of Cisco's AnyConnect VPN client)

First off, I write this not as an employee of OIT, but as a member of the Free/Open Source Software/GNU Linux community. OIT does not endorse, suggest, support or even acknowledge the following. It's just really cool.

Secondly, despite all of my primary computers being Linux, I admit I don't know what the state of VPN on Linux is nowadays. This may be too little, too late. 

I do know, however, that getting a working VPN solution on Linux has been...contentious, to say the least, in the past. As you all hopefully know, we've been trying to migrate from the legacy VPN concentrator solution to an SSL-VPN solution. The first attempt was vpn.duke.edu. The latest, and hopefully permanent attempt, is portal.duke.edu. Both solutions require you go to a URL with a java-enabled browser (but not Free/Open Java, such as IcedTea, but Sun Java), download the AnyConnect client, and pray to the Java gods that it all magically works.

For whatever reason, this process has never worked on my Fedora machines (now up to 12). While there is an investigation going on, I did some digging and discovered that there is, in fact, a Free/Open VPN client alternative that works with Cisco's AnyConnect SSL-VPN.

That is openconnect.

For Fedora folks, you can do a 'yum install openconnect NetworkworkManager-openconnect' which will install the main openconnect package, plus allows you to set up your VPN through Network Manager through NetworkManager-openconnect.

For most infer...er, other distros, there should be an apt-get equivalent ;)

Once you have it installed, you can test the main package by running (as root or through sudo) 'openconnect portal.duke.edu'. You'll be prompted for the profile you want to use, most people should just put '-Default-' (yes, you need the dashes before and after). You'll then be prompted for your Username: (your netid) and Password: (your netid password) and you should be connected. 

If you've installed the NetworkManager piece as well, you can go in and set up a new VPN connection (select openconnect versus openvpn (I think it is, ironically, I'm not at a Linux machine at the moment to test). If I recall correctly, the only piece you need is the server you're connecting to (portal.duke.edu) plus your netid and netid password. 

Anyway, thought I'd share this. Happy tinkering and feel free to share your thoughts/feedback. 

--
Brian Johnson
"And I will be even more undignified than this, and will be humble in my own sight." (2 Samuel 6:22)