Install:

1. The Cisco Secure Client / AnyConnect VPN Client for Linux is available from the OUCS Software downloads page for Linux; see release notes for details.
2. Unpack the downloaded file using an archive manager or type tar -xzvf filename from a terminal window (replacing filename with the file’s name).
3. In a terminal window, navigate to the newly created directory beginning ‘cisco’, then to the vpn directory.
4. Start the installation by typing sudo ./vpn_install.sh

Connect:

1. To start the client:
   • Select Cisco Secure Client from the Applications menu.
   or
   • Type vpnui at the command line in the installation directory (for Ubuntu and Debian this is /opt/cisco/secureclient/bin/).
2. Provide vpn.ox.ac.uk as the VPN server, then click Connect.
3. Provide your Oxford username in the format abcd1234@ox.ac.uk and your Single Sign-On (SSO) password.
4. Provide your TOTP 2FA token.

Disconnect:

1. Select the VPN icon in the system tray.
2. Select Disconnect.

Advanced settings:

The Cisco AnyConnect VPN client requires an SSL tunnel (TCP port 443) and optionally a DTLS tunnel (UDP port 443).

VPN clients contact the VPN servers in the netblock 192.76.7.64/27.

VPN clients will be given an IP address from the private IP ranges of 10.1.32.0/20 or 10.10.64.0/18.  These private addresses will be mapped to a public IP in the 129.67.116.0/22 netblock by the use of dynamic PAT.

Further details are available on the OUCS VPN page.