Create connection
VPN_GATEWAY=vpn1.example.com VPN_USER=foo VPN_ROUTES=192.168.11.0/24 nmcli connection add \ connection.id vpn1 \ connection.type vpn \ connection.permissions "user:${USER}" \ ipv4.routes "${VPN_ROUTES}" \ ipv4.ignore-auto-routes yes \ vpn.service-type org.freedesktop.NetworkManager.openconnect \ vpn.data " protocol = anyconnect, authtype = cert, gateway = ${VPN_GATEWAY}, cacert = ${HOME}/vpn1/ca.pem, usercert = ${HOME}/vpn1/certificate.pem, userkey = ${HOME}/vpn1/priv.pem, cookie-flags = 2 " \ vpn.secrets " form:main:group_list=CLIENTGROUP, form:main:username=${VPN_USER}, save_passwords=yes "
Start connection and enter password once
nmcli connection up vpn1
Debug
#journalctl -fxe NM_CONNECTION=8d5ec3cb-99c5-47ea-84e2-38174cd14702 journalctl -fxe -t NetworkManager cat /etc/NetworkManager/system-connections/vpn1.nmconnection nmcli con show vpn1
Links
https://0xsys.blogspot.com/2019/06/configure-vpn-using-nmcli.html