VPN with Cisco Secure Client on Linux
Neu
Preliminary remark
Troubleshooting assistance can be found below.
Neu
General note
Some restricted services of the University or the State and University Library can only be used when you are on campus, so that the device you use has an address from the area assigned to the University.
To access these services from home or on the road, you must install a so-called VPN client software (Cisco Secure Client or OpenConnect) on your device once and establish a connection to the campus with the VPN client before each access to the restricted services. This means that you are "virtually" on campus and can use the services you are used to.
Please note the different types of tunnels and make sure you choose the correct tunnel.
Neu
Initial setup
Make sure that your device is connected to the Internet. Open the website https://vpn.uni-bremen.de, log in with your university account and then download the installation file for Cisco Secure Client.
Then run this installation file as a private user (root) in the terminal, e.g. with the command (the version numbers may be different):
sudo sh cisco-secure-client-linux64-5.x.x.xx-core-vpn-webdeploy-k9.sh
in the directory in which the downloaded file is located. The installation will then run without any further action on your part.
Neu
Connect - Step 1
Start the “Cisco Secure Client” either via the application menu or by executing the command /opt/cisco/secureclient/bin/vpnui.
Neu
Connect - Step 2
Enter “vpn.uni-bremen.de” after “Connect to:” and click on the cogwheel icon to the right of it.
Neu
Connect - Step 3
Check the box “Allow local (LAN) access when using VPN”. This allows you to access resources in your local network (e.g. printers or file shares) even when the VPN connection is activated.
Neu
Connect - Step 4
Close the settings window and click on “Connect” in the main window.
Neu
Connect - Step 5
Select the correct tunnel type under “Group” and enter the user data of your university account after “Username” and “Password”. Then click on “Connect”.
If you have two-factor authentication (2FA) enabled, please enter your one-time password (sometimes also referred to as a ‘second password’ or ‘second passcode’) in the field provided.
If you have not set up two-factor authentication (2FA), simply leave the field blank.
If the field is not visible, you can ignore this paragraph.
The program should now establish the connection.
Neu
Disconnect
If you no longer need the connection, open the Cisco Secure Client window again and click on the “Disconnect” button in the “Connection” tab.
Neu
Troubleshooting
I cannot download the installation file and get the message "Forbidden" instead
Not all university users can access the VPN service. In particular, alumni are excluded from using it.
If you are a regular member of the university (e.g. a regular student or employee) or an employee of the SuUB, please contact the account administration to have the assignment of your account checked.
Neu
I have successfully established a VPN connection, but now I cannot use the library's services?
If you want to use services that are activated for the network area of the University of Bremen, but are not “hosted” in the university's network area (publishers are an example here), then you must change the group from “Tunnel-Uni-Bremen” to “Tunnel-all-Traffic” when establishing the connection. For a detailed explanation, please read the page on VPN tunnel types.
ATTENTION: With this option, all data traffic is now routed through the tunnel. Please only leave the tunnel activated with this option as long as it is required for working.
Neu
Cisco Secure Client does not work with my Linux version. What now?
Under Linux and other un*xoids you can use the free software Openconnect. We also have instructions for this.