How do I use OpenConnect via Network Manager to connect to Juniper VPN?

Question

The more general question: How do I pass arguments/switches to the client in Network Manager?

In order to connect to a Juniper VPN using OpenConnect, I use the following command-line: sudo openconnect --juniper -u me vpn.juniper.example.com

I've installed network-manager-openconnect, but it fails to connect (I get a "XML response has no "auth" node" message in the log window).

How do I configure the vpn client when using Network Manager?

Update
It may not be as simple as passing the --juniper switch. I renamed the client and put a shell script in its place to call the client with the --juniper switch added and saw no difference in the behavior when trying to connect. So the general question remains: how to configure the client when using Network Manager?

score 1 · Answer 1 · answered Apr 10 '18 at 12:45

In Ubuntu 17.10, it seems to "just work" as long as you install not only network-manager-openconnect but also network-manager-openconnect-gnome .

The connection can then be configured via the settings UI: Under Network, VPN click the +, then choose Cisco AnyConnect Compatible VPN, then in the new connection dialog choose Juniper / Pulse OpenConnect and fill in the details.

score 0 · Answer 2 · answered Dec 07 '18 at 19:06

I don't use Network Manager but you may get the same result with the following command line.

echo "PutHereYourPassWord" | openconnect --juniper -u userName --passwd-on-stdin --no-cert-check --authgroup=Users -i tun1 --useragent 'NetScreen-Remote 9.0' --os linux https://10.10.10.10

Note: Replace userName, Users and tun1 with your UserName and corresponding GroupName. Also make sure to select correct tunX device. If your GW does UA sniffing, you may need to set a valid UserAgentString.

If you don't want passwords in CLI, remove corresponding flags, like so:

openconnect --juniper -u userName --no-cert-check --authgroup=Users -i tun1 --useragent 'NetScreen-Remote 9.0' --os linux https://10.10.10.10

score 0 · Answer 3 · answered Aug 06 '16 at 15:09

0

The current stable network manager doesn't support this feature just yet but it is in developement. It seems it will be possible in the 1.4 version.

Source: http://lists.infradead.org/pipermail/openconnect-devel/2016-July/003752.html

answered Aug 06 '16 at 15:09

undu

1

score -1 · Answer 4 · answered Feb 02 '16 at 16:06

-1

See the "Getting Help" section of the OpenConnect web site at http://www.infradead.org/openconnect/mail.html

answered Feb 02 '16 at 16:06

dwmw2

21

How do I use OpenConnect via Network Manager to connect to Juniper VPN?

4 Answers4

Linked