diff --git a/system-modules/tuda.nix b/system-modules/tuda.nix
index c56591f..97a88fc 100644
--- a/system-modules/tuda.nix
+++ b/system-modules/tuda.nix
@@ -1,5 +1,4 @@
-{ pkgs, ... }@all: with all;
-{
+{ pkgs, ... }@all: with all; {
   environment.etc = {
     "ssl/certs/tuda-eduroam-root.crt".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2:1.crt";
   };
@@ -10,4 +9,23 @@
       path = "/etc/NetworkManager/system-connections/eduroam.nmconnection";
     };
   };
+  environment.systemPackages = with pkgs; [
+    openconnect
+    networkmanager-openconnect
+  ];
+  networking.openconnect = {
+    package = pkgs.openconnect;
+    interfaces = {
+      openconnect0 = {
+        autoStart = false;
+        certificate = "/home/nx2/tuda-rootcert.crt";
+        # extraOptions = { compression = "stateless"; no-dtls = true; no-http-keepalive = true; };
+        gateway = "vpn.hrz.tu-darmstadt.de";
+        # passwordFile = "/var/lib/secrets/openconnect-passwd";
+        # privateKey = "/var/lib/secrets/openconnect_private_key.pem";
+        protocol = "anyconnect";
+        user = secrets.email.tuda.tuid;
+      };
+    };
+  };
 }