Configuring Cisco Secure Clients
This section describes the steps required to install and configure the Cisco Secure Client.
1. Downloading the Cisco Secure Client
Download the Cisco Secure Client from: Download
2. Installing the Cisco Secure Client
The installation is started by running the installation file with administrator rights. You will then be guided through the installation process.
CentOS:
sudo rpm -i <path to installation package>.rpm
Ubuntu:
sudo dpkg -i <path to installation package>.deb
Various distributions:
First, the tar.gz archive must be unpacked. Then, open a terminal and navigate to the directory ‘cisco-secure-client-linux64-5.0.x/vpn’. The actual installation of the Cisco Secure Client is then started by executing the command ‘sudo ./vpn_install.sh’.
Only the ‘AnyConnect VPN’ component should be installed! The additional tools offered for installation under ‘Installation Type’ (such as AMP Enabler, Diagnostics and Reporting Tool, Secure Firewall Posture, etc.) can and should all be deselected. These are not required to establish a VPN connection.
During installation, permission is requested for the services and components of the Cisco Secure Client. Confirming these is essential for the Cisco Secure Client to work properly. If you miss this confirmation during installation (for example, because notifications are suppressed), you can give it later:
- System settings => Privacy & Security => Security
- System settings => General => Login items => Allow in background
3. Setting up the VPN connection to the BTU campus network
Connect to the Internet via a provider of your choice. Then start the Cisco Secure Client, enter vpn-gate.b-tu.de as the connection destination and click on Select or Connect. You can then choose between the following authentication methods.
- Logging in with a BTU account: You log in to the network using the login details (username/password) for your central BTU account. If 2FA token is enabled, you will be asked to enter a ‘OneTimePassword’ generated by the token after logging in.
- Login with certificate (no 2FA): You log into the network using your personal SSL certificate (only for Windows and macOS). This must first be imported into the operating system's certificate store.
- Login via CAS: You log into the network via CAS in the browser window that opens automatically. You can use either your central BTU account or a personal SSL certificate. If 2FA token is enabled, you will be asked to enter a ‘OneTimePassword’ generated with this token after logging in.
Click on Connect to establish the VPN connection.