try vpnc script

hosts/fw.cloonar.com/modules/openconnect.nix

@@ -1,4 +1,20 @@
-{ config, ... }: {
+{ config, pkgs, ... }:
+let
+  vpnc = { name, sha256 }:
+    stdenv.mkDerivation {
+      inherit name;
+      outputHashMode = "recursive";
+      outputHashAlgo = "sha256";
+      outputHash = sha256;
+      builder = writeShellScript "vpnc-script.sh" ''
+        #!/bin/sh
+        export INTERNAL_IP4_DNS=
+
+        . ${pkgs.vpnc-scripts}/vpnc-script
+      '';
+    };
+in
+{
   sops.secrets.wrwks_vpn_key = {};
 
   networking.openconnect.interfaces = {
@@ -7,6 +23,9 @@
       passwordFile = config.sops.secrets.wrwks_vpn_key.path;
       protocol = "anyconnect";
       user = "exdpolakovics@wrwks.local";
+      extraOptions = {
+        script = "${vpnc}/bin/vpnc-script.sh";
+      }
     };
   };
 }