VPN: Connect to Ivanti Secure Access | Linux (Ubuntu / Mint / Debian)

Overview

These instructions are for installing Ivanti Secure Access VPN on Debian, Mint, and Unbuntu Linux.

To get started, download the appropriate VPN—Ivanti Secure Access application based on your OS from the VPN section of the OIT Software Download Site.

Instructions

The OS must be up to date; problems can occur if the system is not up to date. Download the installer package .zip file to your Downloads folder, and unzip it. The certificate (.crt) file is only used with Linux Mint.

The setup procedure is different for each OS:

• Debian 11 and 12 – Skip to Section IV. Install the VPN client and CEF browser
• Ubuntu 22.04 - Skip to Section III. Install the dependencies
• Linux Mint (v22.1 [“Xia”]) - Skip to Section II. Linux Mint — Create a custom source file and install a root certificate
• Ubuntu 24.04 - Follow immediately below. Once complete, skip to Section III. Install the dependencies

I. Ubuntu 24.04 — Modify the sources file

1. In Terminal, run the following commands:
   1. # sudo cp /etc/apt/sources.list.d/ubuntu.sources /etc/apt/sources.list.d/ubuntu.sources.bak
      Note: There is a space between “…ubuntu.sources’ and ‘/etc/apt…”, above
   2. # sudo nano /etc/apt/sources.list.d/ubuntu.sources
2. Highlight all contents, right-click, and click Copy.
3. Use down arrow key to move to bottom line, hit Enter to create an additional line.
4. Right-click, and click Paste.
5. Replace all ‘noble’ entries with ‘jammy’, in the pasted section.
6. Press Ctrl-X , type ‘Y’, and hit Enter [to save the changes].
7. Run # sudo apt update

II. Linux Mint — Create a custom source file and install a root certificate

1. In Terminal, run the following commands:
   1. # cd /etc/apt/sources.list.d ; sudo mkdir extra ; cd extra
   2. # sudo nano jammy-repo.list
2. Add the following line to the file: deb [arch=amd64] http://us.archive.ubuntu.com/ubuntu jammy main restricted universe metaverse
3. Press Ctrl-X, type the letter ‘Y’, and hit Enter to save the changes.
   1. # cd /usr/share/ca-certificates ; sudo mkdir extra ; cd extra
   2. # sudo cp ~/Downloads/InCommonRSAServerCA_2.crt ./
   3. # sudo dpkg-reconfigure ca-certificates
   4. In the new screen that pops up, it will ask, "Trust new certificates from certification authorities?" Tab down to highlight 'yes', and hit Enter.
   5. On "Certificates to activate:" Tap the space bar to mark the listing that is not already selected (extra/ InCommonRSAServerCA_2.crt), using the up/down arrow keys to navigate.
   6. Tab down to 'Ok' and hit Enter.

III. Install the dependencies

1. # sudo apt-get install libwebkit2gtk-4.0-37
2. # sudo apt-get install libnss3-tools

IV. Install the VPN client and CEF browser

1. # cd ~/Downloads
2. # sudo apt install ./ps-pulse-linux-22.7r4-b30859-64-bit-installer.deb
3. # sudo /opt/pulsesecure/bin/setup_cef.sh install
4. Close the Terminal Window.

V. Create the connection profile and connect to the VPN

1. Launch pulseUI from Applications
2. Create connection profile
   1. Name: UTK
   2. Server URL: access.utk.edu
3. Connect using NetID/password & Duo 2FA.