OpenConnect on Qubes 3.2. Using a vpn ProxyVM to connect to Cisco ASA VPN .
Create a new vpn ProxyVM using fedora-26 template:
Due to a bug in software from Fedora 25 and later, you have to install a ‘NetworkManager-openconnect-gnome’ package, (which is not in the template by default) or you will get an error creating the VPN Connection in vpn:
So install the package:
Create the Openconnect connection without errors:
Configure the site:
Type your username and password, when connecting, and you’re good to go. This also supports 2FA. You can use the upper right corner in dom0 to connect, since dom0’s network is including proxyVM’s it seems. Very neat, indeed.
Start the selected TemplateVM (I selected fedora-26, since it’s default in Qubes). Clone it if you want.
A prerequisite is the Libxxs shared object, but here was provided a solution for installing it i Fedora.
So, since this is a prerequisite for the VMware Horizon View client, install it now:
Answering yes to any questions.
Start the terminal in and copy the download link from a browser (I try to minimize the use of direct internet access in templates). Download the client.
make the file executable and Install the client(remember sudo ;):
Obviously select yes:
Choose whatever your heart desires:
Await the copying of files…
Choose scan to see if everything is in order:
Chose close and start the client:
Begin configuring your environment:
Qubes has a new graphical feature that enables you to attach a USB device to your VM and then mount it on the VM
The above “work” was already selected and ready for unmounting. Lets go to the VM and list the added disk and mount it:
If in doubt which disk is which, deattach it in Qubes Manager and fdisk -l again to see what’s missing.