Create connection
VPN_GATEWAY=vpn1.example.com
VPN_USER=foo
VPN_ROUTES=192.168.11.0/24
nmcli connection add \
connection.id vpn1 \
connection.type vpn \
connection.permissions "user:${USER}" \
ipv4.routes "${VPN_ROUTES}" \
ipv4.ignore-auto-routes yes \
vpn.service-type org.freedesktop.NetworkManager.openconnect \
vpn.data "
protocol = anyconnect,
authtype = cert,
gateway = ${VPN_GATEWAY},
cacert = ${HOME}/vpn1/ca.pem,
usercert = ${HOME}/vpn1/certificate.pem,
userkey = ${HOME}/vpn1/priv.pem,
cookie-flags = 2
" \
vpn.secrets "
form:main:group_list=CLIENTGROUP,
form:main:username=${VPN_USER},
save_passwords=yes
"
Start connection and enter password once
Debug
#journalctl -fxe NM_CONNECTION=8d5ec3cb-99c5-47ea-84e2-38174cd14702
journalctl -fxe -t NetworkManager
cat /etc/NetworkManager/system-connections/vpn1.nmconnection
nmcli con show vpn1
Links
https://0xsys.blogspot.com/2019/06/configure-vpn-using-nmcli.html