If you are a student at the University of Bergen (UiB), you might have discovered that UiB now uses Cisco AnyConnect instead of their own, self-hosted alternative like before. Personally, I find the Cisco AnyConnect app to be very privacy invading, demaing all these different privileges… so I started looking for alternatives. Luckily, I found an open-source alternative, OpenConnect.

Step 1: Installation#

Firstly, you need to install OpenConnect.

Linux 
sudo apt update && sudo apt install openconnect
macOS 
brew install openconnect
Windows ¯\_(ツ)_/¯

Mabye try to use git-bash or something, I really don’t know.

Step 2: Getting your VPN certificate (using Firefox)#

  1. Login on vpn3.uib.no, with your UiB credentials (abc001)
  2. In the menu-bar click on Tools
  3. Click on Page info
  4. Select the Security tab
  5. Click the button View certificate
  6. In Firefox, under Miscellaneous, you should be able to find a section that says “Download”, choose PEM (cert) and save it to your downloads folder (~/Downloads)

Step 3: Setting up the certificate#

Now that you have managed to retrieve your VPN certificate, you need to setup the certificate so that you will be able to use it.

I created a folder in my home directory (~/) called .cert, so that it is hidden whenever I navigate my files via the File Explorer/Browser.

You can also do that, just do the following:

cd ~/
mkdir .cert
mv Downloads/vpn3-uib-no.pem .cert/

Now the certificate is ready to be used when we connect with OpenConnect

Step 4: Creating an alias (shortcut)#

To save yourself from writing a long command everytime you need to use the VPN, we can create an alias.

This will depend of which shell you are using, I am using ZSH, but the steps are similar for BASH as well.

  1. nano ~/.zshrc
    • .bashrc if you are using BASH
  2. Paste this at the end of the file, and change the username:
    • alias vpn="sudo openconnect --user=abc001 --cafile=~/.cert/vpn3-uib-no.pem vpn3.uib.no"
  3. To save and exit out of nano, press CTRL+X and then Y (for yes) and then Enter to write the changes.
  4. Run source .zshrc

You should now be able to run the command vpn to connect to UiB VPN.

Step 5: How to use#

  1. Run vpn
  2. Input your computer-password
  3. Input your UiB password
  4. (Optional) Input your Microsoft 2FA code
  5. Sucess!

Disconnecting#

Press CTRL+C

Suggestions and/or questions#

If you have any questions, please feel free to contact me!