I had a need to drop my Raspberry-flavored MITMProxy in between a service located behind a Cisco AnyConnect VPN. While Cisco appears to have a Linux client, the pre-compiled binary was not compiled for ARM. I also failed to locate a means to compile it myself. There had to be another way…
After some googling, I stumbled upon openconnect. My initial go with this wasn’t straightforward, as I missed the fact that you need a vpnc-script. Luckily, openconnect’s “Getting Started” site provides you one that can be used. From this point it was pretty straightforward. The steps below are what I used in order to get this up and running.
Downloading and Compiling
Step 1: Let’s go get the source.
cd /tmp
wget ftp://ftp.infradead.org/pub/openconnect/openconnect-7.07.tar.gz
Note: The version that was current at the time of this was 7.07. Be sure to check this site for a later version.
Step 2: Compile openconnect and install it.
tar xzf openconnect-7.07.tar.gz
cd openconnect-7.07
./configure --disable-nls --with-vpnc-script=/etc/vpnc/vpnc-script
make
sudo make install
Download the vpnc-script
Step 1: Let’s get the vpnc-script that we need.
Step 2: Move the vpnc-script to where openconnect expects it to live.
sudo mkdir /etc/vpnc && sudo mv vpnc-script /etc/vpnc/vpnc-script
Step 3: Change the permissions so that it is executable by the owner (root).
sudo chmod u+x /etc/vpnc/vpnc-script
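openconnect is started with sudo, so it runs /etc/vpnc/vpnc-script as root, and a file put in place with mv can keep the ownership of the account that downloaded it. The check below is an added example, not part of the original post or of openconnect; the function names and the optional expected-uid argument are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the original post): audit a script that
# openconnect, started with sudo, will execute as root.
# Usage: check_root_script /etc/vpnc/vpnc-script
# The optional second argument (expected owner uid, default 0) is an
# assumption of this example so the check can be exercised without root.
# Relies on `stat -c`, as provided by GNU coreutils and busybox.

# Print a finding and return 1 if $1 is not owned by uid $2 or is
# writable by group or others.
check_owner_and_mode() {
    _rc=0
    _uid=$(stat -c '%u' "$1") || return 1
    _mode=$(stat -c '%a' "$1") || return 1
    if [ "$_uid" != "$2" ]; then
        echo "$1: owned by uid $_uid, expected uid $2"
        _rc=1
    fi
    if [ $(( 0$_mode & 022 )) -ne 0 ]; then
        echo "$1: mode $_mode is writable by group or others"
        _rc=1
    fi
    return $_rc
}

check_root_script() {
    _script=$1
    _want=${2:-0}
    _result=0
    # A symlink could point at a file someone else controls.
    if [ -L "$_script" ] || [ ! -f "$_script" ]; then
        echo "$_script: not a regular file"
        return 1
    fi
    check_owner_and_mode "$_script" "$_want" || _result=1
    # A writable directory lets the script be replaced wholesale.
    check_owner_and_mode "$(dirname "$_script")" "$_want" || _result=1
    # The owner needs the execute bit (the chmod u+x step).
    _m=$(stat -c '%a' "$_script") || return 1
    if [ $(( 0$_m & 0100 )) -eq 0 ]; then
        echo "$_script: owner execute bit is not set"
        _result=1
    fi
    return $_result
}
```

If it reports a non-root owner, `sudo chown root:root /etc/vpnc/vpnc-script` followed by `sudo chmod 755 /etc/vpnc/vpnc-script` brings the file in line with what the check expects.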
Establish the VPN Connection
Step 1: Start up the VPN connection by running the following:
sudo openconnect --script /etc/vpnc/vpnc-script <your_vpn_connection_address>
Note: If you use dnsmasq, you’ll need to restart dnsmasq if your VPN has its own DNS servers. To do that, do the following:
sudo systemctl restart dnsmasq
Hopefully this helps you out. Leave any questions or comments below.