There is currently only one KU VPN, which uses 2FA. This document describes how to access it.
Take a look at the official documentation (generally, the material on KUNet is better than its reputation). However, you will notice that there is no documentation for Linux.
First you must set up the KU VPN. You do this by going to vpn.ku.dk. Note that you must use the app (NetIQ Advanced Authenticator) - for some reason the VPN apparently does not work with SMS-based 2FA or NemID/MitID.
Open the connection editor:
$ sudo nm-connection-editor
Then, press Add connection, pick Cisco AnyConnect or openconnect and enter the following:
- Gateway:
vpn.ku.dk
Leave everything else at its default settings. Whenever you activate
the VPN, it will ask for your username, password (both of which can be
saved) and 2FA token (this must be entered every time you connect). If
Cisco AnyConnect or openconnect is not in the list of available
connection types, you would probably need to install some package(s),
depending on your setup (called networkmanager-openconnect on Arch
Linux).
The new VPN uses the Cisco AnyConnect protocol. In order to access it, install OpenConnect and run:
$ sudo openconnect vpn.ku.dkYou will be asked to enter your username and password. You will also need to enter a 2FA token from an authenticator app on your phone, or via a discrete device (see the official documentation above for how to set that up).
You can write a script such that you don't have to enter your username and password every time (do so and put it here!), but you will always need to do the 2FA.
To install OpenConnect under
macOS use brew:
$ brew install openconnect