diff --git a/nixos/flake.nix b/nixos/flake.nix
index 8607295..3909e0f 100644
--- a/nixos/flake.nix
+++ b/nixos/flake.nix
@@ -43,12 +43,10 @@
       ];
 
       sharedOverlays = [
-        (import ./overlays/letter)
-        (import ./overlays/icosystem)
         (import ./overlays/cmdtime)
-      ];
-
-      sharedOverlays = [
+        (import ./overlays/icosystem)
+        (import ./overlays/letter)
+        (import ./overlays/openconnect-sso)
         (import ./overlays/spotify)
       ];
 
diff --git a/nixos/hosts/Tibo-NixDesk/default.nix b/nixos/hosts/Tibo-NixDesk/default.nix
index b114570..c5bdc77 100644
--- a/nixos/hosts/Tibo-NixDesk/default.nix
+++ b/nixos/hosts/Tibo-NixDesk/default.nix
@@ -11,6 +11,8 @@
       model = "RTX 2060";
     };
 
+    networking.openconnect-sso.enable = true;
+
     programs = {
       home-manager.enable = true;
       sops.enable = true;
diff --git a/nixos/hosts/Tibo-NixFat/default.nix b/nixos/hosts/Tibo-NixFat/default.nix
index f8bf36e..1773ba7 100644
--- a/nixos/hosts/Tibo-NixFat/default.nix
+++ b/nixos/hosts/Tibo-NixFat/default.nix
@@ -11,6 +11,8 @@
       model = "Quadro T2000";
     };
 
+    networking.openconnect-sso.enable = true;
+
     programs = {
       home-manager.enable = true;
       sops.enable = true;
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index 7c3c16f..7227806 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -2,6 +2,7 @@
   imports = [
     ./desktop
     ./hardware
+    ./networking
     ./programs
     ./services
     ./virtualisation
diff --git a/nixos/modules/networking/default.nix b/nixos/modules/networking/default.nix
new file mode 100644
index 0000000..d44dd42
--- /dev/null
+++ b/nixos/modules/networking/default.nix
@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./openconnect-sso
+  ];
+}
diff --git a/nixos/modules/networking/openconnect-sso/default.nix b/nixos/modules/networking/openconnect-sso/default.nix
new file mode 100644
index 0000000..3b400f8
--- /dev/null
+++ b/nixos/modules/networking/openconnect-sso/default.nix
@@ -0,0 +1,20 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.sisyphus.networking.openconnect-sso;
+in {
+  options.sisyphus.networking.openconnect-sso.enable = lib.mkEnableOption "OpenConnect SSO";
+
+  config = lib.mkIf cfg.enable {
+    nixpkgs = {
+      config.permittedInsecurePackages = [
+        "python3.10-requests-2.28.2"
+        "python3.10-cryptography-40.0.1"
+      ];
+    };
+
+    environment.systemPackages = with pkgs; [
+      openconnect-sso
+    ];
+  };
+}
diff --git a/nixos/overlays/openconnect-sso/default.nix b/nixos/overlays/openconnect-sso/default.nix
new file mode 100644
index 0000000..4759c18
--- /dev/null
+++ b/nixos/overlays/openconnect-sso/default.nix
@@ -0,0 +1,4 @@
+import "${builtins.fetchTarball {
+  url = "https://github.com/vlaci/openconnect-sso/archive/master.tar.gz";
+  sha256 = "08cqd40p9vld1liyl6qrsdrilzc709scyfghfzmmja3m1m7nym94";
+}}/overlay.nix"