OpenConnect is an open-source, command-line-based VPN Client for macOS. OpenConnect supports a wide range of VPN platforms, including Cisco AnyConnect.
This article is intended for users who would prefer to use an open-source client for connecting to our AnyConnect VPN.
Please be aware this article is informational only; Information Security does not support OpenConnect in an official capacity, and you will be on your own if any issues arise. We officially support and recommend the Cisco AnyConnect client.
Installing OpenConnect via Homebrew
To install OpenConnect, you’ll need to ensure you have Homebrew installed on your Mac. If you do not already have Homebrew installed, visit https://brew.sh/ and follow the instructions for installation.
Open Terminal (Applications > Utilities > Terminal).
First, ensure Homebrew is up-to-date using the following command.
$ brew update
After Homebrew finishes updating, run the following command to install OpenConnect.
$ brew install openconnect
OpenConnect should now be installed.
Using OpenConnect
Once OpenConnect has been installed, you are ready to connect.
For a list of available Realms, see Cisco AnyConnect VPN Realms
Starting OpenConnect
To start the VPN connections enter the following command in Terminal, where $realm is the Realm you would like to connect to (e.g., anyconnect.uconn.edu/split or anyconnect.uconn.edu/priv).
sudo openconnect anyconnect.uconn.edu/$realm
You will be prompted to enter your Password (for sudo), followed by your NetID and Password.
Once entered, you will see a bunch of text, which is OpenConnect setting up your session. You can tell you are connected when you see the following message, with $IP_ADDRESS being the IP you receive from AnyConnect:
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM). Configured as $IP_ADDRESS, with SSL connected and DTLS connected Session authentication will expire at Thu Feb 24 04:47:42 2022 add host 137.99.22.58: gateway 192.168.1.1 add net 10.195.96.0: gateway 10.195.97.30 add net 52.202.147.91: gateway 10.195.97.30 add net 10.0.0.0: gateway 10.195.97.30 add net 137.99.0.0: gateway 10.195.97.30 add net 137.99.25.14: gateway 10.195.97.30 add net 137.99.203.20: gateway 10.195.97.30
As OpenConnect is command-line based, you need to keep your Terminal window open while you are connected to the VPN. If you do not need to use Terminal for anything else, you can minimize it to your dock or leave it open in the background. If you do need to use Terminal, you can open another Window or Tab in Terminal.
Stopping OpenConnect
When you are ready to disconnect from the VPN, press Control + C in Terminal to kill the session. You will see the following when you are successfully disconnected.
Send BYE packet: Aborted by caller delete net 52.202.147.91: gateway 10.195.97.30 delete net 10.0.0.0: gateway 10.195.97.30 delete net 137.99.0.0: gateway 10.195.97.30 delete net 137.99.25.14: gateway 10.195.97.30 delete net 137.99.203.20: gateway 10.195.97.30 delete host 137.99.22.58: gateway 192.168.1.1 ifconfig: ioctl (SIOCAIFADDR): Destination address required User cancelled (SIGINT/SIGTERM); exiting.