The steps in this guide are available as an autobuild shell script
Because the OpenConnect package from Ubuntu is a bit outdated, and if you have a recent AnyConnect server, you need a newer OpenConnect to play with it.
We'll be building OpenConnect mostly with its defaults, but we're going to use OpenSSL rather than GnuTLS. This isn't a philosophical choice: GnuTLS is still maturing, and my testing showed that compilation with GnuTLS leads to a bit of a crapshoot when connecting to AnyConnect endpoints. I haven't debugged this; if you find a good path to compiling with GnuTLS that works reliably, I'm all ears.
sudo apt-get install curl vpnc-scripts build-essential libssl-dev libxml2-dev liblz4-dev
curl -O ftp://ftp.infradead.org/pub/openconnect/openconnect-7.06.tar.gz
curl -O ftp://ftp.infradead.org/pub/openconnect/openconnect-7.06.tar.gz.asc
gpg --keyserver pgp.mit.edu --recv-key 67e2f359
gpg --verify openconnect-7.06.tar.gz.asc
You should see something very much like:
gpg: assuming signed data in `openconnect-7.06.tar.gz'
gpg: Signature made Tue 17 Mar 2015 08:33:15 AM CDT using RSA key ID 67E2F359
gpg: Good signature from "David Woodhouse <[email protected]>"
gpg: aka "David Woodhouse <[email protected]>"
gpg: aka "David Woodhouse <[email protected]>"
gpg: aka "David Woodhouse <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: BE07 D9FD 5480 9AB2 C4B0 FF5F 6376 2CDA 67E2 F359
tar xzf openconnect-7.06.tar.gz
cd openconnect-7.06
./configure --without-gnutls --with-vpnc-script=/usr/share/vpnc-scripts/vpnc-script
make
sudo make install
sudo ldconfig /usr/local/lib
OpenConnect will be at /usr/local/sbin/openconnect