Connect to VPN network with CAC (smart card) authentication
David Woodhouse
dwmw2 at infradead.org
Tue Nov 14 11:33:41 PST 2017
On Tue, 2017-11-14 at 14:25 -0500, Adam Allgood - NOAA Federal wrote:
> To whom it may concern,
>
> My office is now requiring us to authenticate into their VPN with our
> CAC smart cards. I currently use Cisco AnyConnect on Chrome OS to
> access VPN with an RSA SecurID pin. AnyConnect does not support smart
> card authentication. Is there a way to connect to a VPN network using
> a smart card with OpenConnect? If so, are there a set of instructions
> for how to do it on Chrome OS? I have installed OpenConnect on my
> Chromebook (Acer 14) through the Google Play Store.
Yes, OpenConnect (in general) supports PKCS#11:
http://www.infradead.org/openconnect/pkcs11.html
I don't know offhand if the build in the Google Play Store includes
PKCS#11 support. Can you show 'openconnect --version' output?
If it does, you just need to make sure that the PKCS#11 module for your
card (probably OpenSC) is installed correctly, and has an appropriate
p11-kit module file so that it's visible to applications. The above web
page should be sufficient.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4938 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20171114/e198bed9/attachment-0001.bin>
More information about the openconnect-devel
mailing list