Thursday, November 14, 2013

Ubuntu 13.10 problems with Cisco AnyConnect VPN

When I upgraded from Ubuntu 12.10 to 13.10, my VPN to Cisco AnyConnect stopped working. I use NetworkManager to initiate the VPN connection. The connection would fail multiple times before finally connecting. The logs showed that the openconnect process simply exited with error code 1. Initially I thought the problem was with TLS support in the libraries, since openconnect was also logging TLS failures in the log. So I replaced /usr/sbin/openconnect with a script that would invoke the real openconnect binary with the --no-dtls option, but that did not help. I then tried a workaround based upon a suggestion from a colleague, and that worked. So here is the workaround:

Workaround

Initiate the VPN connection from NetworkManager. When the "Connect to VPN...." window comes up:

Double-click the Connect button instead of clicking it just once. This causes two instances of openconnect to be launched. Somehow at least one of them seems to not die. Now click the Login button as usual after it has established a connection with the VPN gateway server. This also creates two VPN network interfaces, but you can ignore that and look at the active connection in the ifconfig -a output after the VPN connection is established. If you have scripts that you run after the VPN connection is established that do anything with the VPN network interface, you will need to adjust them, since vpn0 may not be the active interface any more.

I have not traced the openconnect process yet to see where it dies, but this workaround works reliably for now.
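
For the post-connect scripts mentioned above, here is one way to find the live interface instead of hard-coding vpn0. This is an added example, not part of the original post; the function names, the exit-status convention and the sample addresses are assumptions made for illustration.

```shell
# Print the one vpnN interface that is UP, RUNNING and has an IPv4 address.
# Reads `ifconfig -a` output on stdin (old or new net-tools layout).
# Exit status (convention chosen for this example): 0 = one found, 1 = none, 2 = several.
active_vpn_if() {
    awk '
        function close_stanza() {
            if (name ~ /^vpn[0-9]+$/ && up && running && inet) found[++n] = name
        }
        /^[^ \t]/ {                          # unindented line starts a new interface
            close_stanza()
            name = $1; sub(/:$/, "", name)
            up = 0; running = 0; inet = 0
        }
        /[ <,]UP[ ,>]/              { up = 1 }
        /[ <,]RUNNING[ ,>]/         { running = 1 }
        /^[ \t]+inet (addr:)?[0-9]/ { inet = 1 }   # IPv4 only; "inet6" does not match
        END {
            close_stanza()
            if (n == 1) { print found[1]; exit 0 }
            exit (n == 0 ? 1 : 2)
        }
    '
}

# Constructed sample: two interfaces left by the double click, only vpn1 is live.
sample_ifconfig() {
    cat <<'EOF'
vpn0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          POINTOPOINT NOARP MULTICAST  MTU:1500  Metric:1

vpn1      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.20.30.40  P-t-P:10.20.30.40  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1406  Metric:1
EOF
}

# On a real system, replace sample_ifconfig with: ifconfig -a
if VPN_IF=$(sample_ifconfig | active_vpn_if); then
    echo "active VPN interface: $VPN_IF"
else
    echo "no single active VPN interface found" >&2
fi
```

A script that adds routes or firewall rules should stop on a non-zero status rather than fall back to vpn0, so that the rules are never applied to the dead interface.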
