OpenConnect is an open source, command-line based VPN Client for macOS. OpenConnect supports a wide range of VPN platforms, including Cisco AnyConnect.
This article is intended for users who would prefer to use an open source client for connecting to our AnyConnect VPN.
Please be aware this article is informational only - Information Security does not support OpenConnect in an official capacity, and you will be on your own if any issues arise. We officially support and recommend the Cisco AnyConnect client.
\uD83D\uDCD8 Install OpenConnect via Homebrew
To install OpenConnect, you’ll need to ensure you have Homebrew installed on your Mac. If you do not already have Homebrew installed, please visit https://brew.sh/ and follow the instructions for installation.
Open Terminal (Applications > Utilities > Terminal).
First, ensure Homebrew is up-to-date using the following command.
$ brew update
After Homebrew finishes updating, run the following command to install OpenConnect.
$ brew install openconnect
OpenConnect should now be installed.
\uD83D\uDCD8 Using OpenConnect
Once OpenConnect has been installed, you’re ready to connect.
For a list of available Realms, please see here: Cisco AnyConnect VPN Realms
Starting OpenConnect
To start the VPN connections enter the following command in Terminal, where $realm is the Realm you’d like to connect to, e.g. anyconnect.uconn.edu/split or anyconnect.uconn.edu/priv:
sudo openconnect anyconnect.uconn.edu/$realm
You’ll be prompted to enter your Password (for sudo), followed by your NetID and Password.
Once entered you’ll see a bunch of text, which is OpenConnect setting up your session. You can tell you’re connected when you see the following message, with $IP_ADDRESS being the IP you receive from AnyConnect:
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM). Configured as $IP_ADDRESS, with SSL connected and DTLS connected Session authentication will expire at Thu Feb 24 04:47:42 2022 add host 137.99.22.58: gateway 192.168.1.1 add net 10.195.96.0: gateway 10.195.97.30 add net 52.202.147.91: gateway 10.195.97.30 add net 10.0.0.0: gateway 10.195.97.30 add net 137.99.0.0: gateway 10.195.97.30 add net 137.99.25.14: gateway 10.195.97.30 add net 137.99.203.20: gateway 10.195.97.30
As OpenConnect is command-line based, you’ll need to keep your Terminal window open while you’re connected to the VPN. If you don’t need to use Terminal for anything else, you can minimize it to your dock, or leave it open in the background. If you do need to use Terminal, you can open another Window or Tab in Terminal.
Stopping OpenConnect
When you’re ready to disconnect from the VPN, you can press Control + C in Terminal to kill the session. You’ll see the following when you’re successfully disconnected:
Send BYE packet: Aborted by caller delete net 52.202.147.91: gateway 10.195.97.30 delete net 10.0.0.0: gateway 10.195.97.30 delete net 137.99.0.0: gateway 10.195.97.30 delete net 137.99.25.14: gateway 10.195.97.30 delete net 137.99.203.20: gateway 10.195.97.30 delete host 137.99.22.58: gateway 192.168.1.1 ifconfig: ioctl (SIOCAIFADDR): Destination address required User cancelled (SIGINT/SIGTERM); exiting.