Topics Map > Infrastructure > Virtual Machines > Linux VM
Topics Map > Infrastructure > Network > Virtual Private Network (VPN)

How do I install and use UIC VPN on Linux?

This document provides instructions on use of UIC’s VPN solution. Please note that the use of this VPN solution requires you to enroll in the university’s 2-Factor Authentication (2FA) solution. 2FA provides an additional level of security to protect your resources.

Prerequisites for VPN

In order to utilize UIC’s new VPN solution, you will need to enroll in the university’s 2-Factor Authentication (2FA) solution. Visit https://identity.uillinois.edu for more information and to get enrolled!

Cisco-supported Versions

Some versions of Red Hat Linux and Ubuntu are compatible with the Cisco AnyConnect VPN client. See the AnyConnect 4.3 Release Notes for a detailed listing of which versions and features are supported.

Download VPN Software

  1. To download UIC’s AnyConnect VPN software, navigate your browser to https://go.uic.edu/getVPN, add the offering to your cart, and checkout (note: there is no charge for this software).
  2. On the resulting order confirmation page, select to download the AnyConnect client for Linux. Save the file at an easily findable location, such as your desktop or downloads folder.

Install the VPN Software

If you are using Ubuntu, you may also need to install the OpenConnect Network Manager in order to make the GUI work correctly:

for Ubuntu 16 try:

 sudo apt-get install openconnect network-manager-openconnect-gnome

for older versions of Ubuntu, this command might be needed.

 sudo apt-get install network-manager-openconnect

Please note that you may encounter an Untrusted VPN Certificate error. If you do, there is information on resolution found at Georgia Tech's site.

The information below has been modeled on the University of California at Irvine instructions provided at:

University of California at Irvine - Setting up VPN for Linux

J. Stern, University of California at Irvine - Ubuntu

Additional troubleshooting tips are available there.

Red Hat Linux

As root, first unzip and untar the file, then run the vpn_install shell script. [Note the file name and directory name will change as the version changes. The example below was from version 4.3.05017.]

su root
tar xzvf (name of downloaded file)
cd anyconnect-4.3.05017/vpn
./vpn_install.sh

The vpn client will be installed on your system and the vpnagentd process will be started. This process will be started each time your system is booted.

Starting the VPN client

To start the VPN client:

  • Command line:
    In a terminal window, type
    /opt/cisco/anyconnect/bin/vpnui

  • Gnome user interface:
    Look for Cisco AnyConnect in the menu system.

  • Fedora:
    Look in Applications -> Internet

The Connect to: box appears.

  • Enter vpn.uic.edu and press return.

When the connection begins, enter the following:

  • The Group will be pre-selected as General-Use, but you may want to change this (you will need to change the group in order to access Library resources). Review What group should I use for AnyConnect VPN? .
  • In the Username field type your UIC NetID 
  • In the Password field type your UIC common password.
  • In the Second Password field, what you enter will depend on the 2FA method you want to use. Follow the instructions below for the method of your choice:
    • Type push if you have the Duo App installed in your smart phone, then click OK. Your phone will prompt you to authorize the login request via the Duo app. Approve the login request to proceed. For more information about the Duo mobile app, see 2FA - Installing the Duo Mobile app.
    • Or type phone if you want to receive a phone call to your registered phone number, then click OK. Answer the call and follow the instructions given.
    • Or type sms if you want to get a code via text message to your registered mobile device, then click OK. Your login attempt will ‘fail’ and you will be prompted to login to AnyConnect again. This time, re-enter your common password, and in the Second Password field enter the 6-digit code received via the text message. Note: the passcode expires after 5 minutes.
    • If the above methods do not work for you, or you prefer not to use them, you can also directly enter the 6-digit code generated by your Duo mobile app or your registered physical token.
      Duo interface                   Duo Passcode

In the box that appears, click Accept.

You are now ready to use your VPN connection.

Ubuntu

A good source to help with this: http://www.socsci.uci.edu/~jstern/uci_vpn_ubuntu/

First, extract the files and install as root:

cd ~/Downloads
tar zxvf (the download file)
cd (the extracted file directory)/vpn
sudo ./vpn_install.sh

Accept the license agreement when prompted.

Then install the Ubuntu Network Manager plugins (note, even with this package Ubuntu 16 does not support the GUI interface: see https://askubuntu.com/questions/760864/no-more-anyconnect-compatible-vpn-transport-in-ubuntu-16-04 for more information):

sudo apt-get install openconnect network-manager-openconnect-gnome

To configure the VPN using the Network Manager:

  1. Click on the "Network Manager" icon in your System Tray on your desktop.
  2. In the menu that appears, go to  VPN Connections -> Configure VPN
  3. Click Add.
  4. Choose Cisco AnyConnect Compatible VPN (openconnect) and click Create.
  5. Enter the following information:
    • Connection name: UIC VPN
    • Gateway: vpn.uic.edu
    • User name: Leave blank at this point.
  6. Click Save.

Starting the VPN client

  1. Click on the "Network Manager" icon in your System Tray on your desktop.
  2. In the menu that appears, go to  VPN Connections and click Tech Services VPN.
  3. Click on the connection icon (two screens).
  4. Enter the following information:
    • The Group will be pre-selected as General-Use, but you may want to change this (you will need to change the group in order to access Library resources). Review What group should I use for AnyConnect VPN? .
    • In the Username field type your UIC NetID 
    • In the Password field type your UIC common password.
    • In the Second Password field, what you enter will depend on the 2FA method you want to use. Follow the instructions below for the method of your choice:
      • Type push if you have the Duo App installed in your smart phone, then click OK. Your phone will prompt you to authorize the login request via the Duo app. Approve the login request to proceed. For more information about the Duo mobile app, see this document: https://answers.uillinois.edu/internal/page.php?id=67790
      • Or type phone if you want to receive a phone call to your registered phone number, then click OK. Answer the call and follow the instructions given.
      • Or type sms if you want to get a code via text message to your registered mobile device, then click OK. Your login attempt will ‘fail’ and you will be prompted to login to AnyConnect again. This time, re-enter your common password, and in the Second Password field enter the 6-digit code received via the text message. Note: the passcode expires after 5 minutes.
      • If the above methods do not work for you, or you prefer not to use them, you can also directly enter the 6-digit code generated by your Duo mobile app or your registered physical token.
        Duo interface                   Duo Passcode
  5. Click Login.

Disconnecting the VPN client

  1. Click on the "Network Manager" icon in your System Tray on your desktop.
  2. Go to VPN Connections -> Disconnect VPN.

See Also:




Keywords:VPN, Linux, Red Hat, Ubuntu, Cisco, AnyConnect, download, installation, configuration, OpenVPN   Doc ID:86975
Owner:Charles N.Group:University of Illinois at Chicago ACCC
Created:2018-10-22 08:18 CDTUpdated:2019-09-10 15:31 CDT
Sites:University of Illinois at Chicago ACCC
Feedback:  0   0