error during connection "Invalid host entry. Please re-enter."
James Martin
jmartin at learningobjects.com
Thu Oct 8 11:32:34 EDT 2009
I just realized I sent this personally to David and not the mailing
list, my apologies.
On Wed, Oct 7, 2009 at 1:36 AM, David Woodhouse <dwmw2 at infradead.org> wrote:
>
> Hm, I've no idea what that means. Does the official Cisco client work,
> and can you compare the traffic it generates with the traffic from
> openconnect?
Thank you for the quick response.
The official cisco client does work, below is the tcpdump comparing
anyconnect to openconnect.
Here's the tcpdump of the official cisco anyconnect client performing
a successful authentication:
12:20:01.060513 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [S], seq 1236045847, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560059998 ecr 0,sackOK,eol], length 0
12:20:01.089790 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [S.], seq 2668914402, ack 1236045848, win 8192, options [mss
1380], length 0
12:20:01.089857 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:01.091027 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [P.], seq 1:61, ack 1, win 65535, length 60
12:20:01.120728 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [.], ack 61, win 8192, length 0
12:20:01.120886 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [P.], seq 1:865, ack 61, win 8192, length 864
12:20:01.120933 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [.], ack 865, win 65535, length 0
12:20:01.182111 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [P.], seq 61:247, ack 865, win 65535, length 186
12:20:01.196182 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [.], ack 247, win 8192, length 0
12:20:01.197513 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [P.], seq 865:912, ack 247, win 8192, length 47
12:20:01.197547 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [.], ack 912, win 65535, length 0
12:20:01.197813 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [P.], seq 247:452, ack 912, win 65535, length 205
12:20:01.214195 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [.], ack 452, win 8192, length 0
12:20:01.222321 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [P.], seq 912:1233, ack 452, win 8192, length 321
12:20:01.222366 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [.], ack 1233, win 65535, length 0
12:20:01.222902 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [P.], seq 452:676, ack 1233, win 65535, length 224
12:20:01.240819 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [.], ack 676, win 8192, length 0
12:20:01.240901 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [P.], seq 1233:1474, ack 676, win 8192, length 241
12:20:01.240943 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [.], ack 1474, win 65535, length 0
12:20:01.241050 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [P.], seq 676:703, ack 1474, win 65535, length 27
12:20:01.241132 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [F.], seq 703, ack 1474, win 65535, length 0
12:20:01.241460 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [FP.], seq 1474, ack 676, win 8192, length 0
12:20:01.241472 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [F.], seq 703, ack 1475, win 65535, length 0
12:20:01.241527 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [S], seq 3308797588, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060000 ecr 0,sackOK,eol], length 0
12:20:01.257767 IP vpn.mycompany.com.https > 192.168.1.100.54954:
Flags [R], seq 2668915876, win 8192, length 0
12:20:01.270032 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [S.], seq 1016403697, ack 3308797589, win 8192, options [mss
1380], length 0
12:20:01.270089 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:01.270299 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [P.], seq 1:93, ack 1, win 65535, length 92
12:20:01.286664 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [.], ack 93, win 8192, length 0
12:20:01.288218 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [P.], seq 1:1025, ack 93, win 8192, length 1024
12:20:01.288261 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [.], ack 1025, win 65535, length 0
12:20:02.222850 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [FP.], seq 676:703, ack 1475, win 65535, length 27
12:20:04.224729 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [FP.], seq 676:703, ack 1475, win 65535, length 27
12:20:08.228230 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [FP.], seq 676:703, ack 1475, win 65535, length 27
12:20:12.754228 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [P.], seq 93:1179, ack 1025, win 65535, length 1086
12:20:12.777123 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [.], ack 1179, win 8192, length 0
12:20:12.796408 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [P.], seq 1025:1072, ack 1179, win 8192, length 47
12:20:12.796439 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [.], ack 1072, win 65535, length 0
12:20:12.796654 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [F.], seq 1179, ack 1072, win 65535, length 0
12:20:12.824161 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [.], ack 1180, win 8192, length 0
12:20:12.824166 IP vpn.mycompany.com.https > 192.168.1.100.54955:
Flags [FP.], seq 1072, ack 1180, win 8192, length 0
12:20:12.824232 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [.], ack 1072, win 65535, length 0
12:20:12.824259 IP 192.168.1.100.54955 > vpn.mycompany.com.https:
Flags [.], ack 1073, win 65535, length 0
12:20:16.236835 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [FP.], seq 676:703, ack 1475, win 65535, length 27
12:20:18.580082 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [S], seq 3875404239, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060173 ecr 0,sackOK,eol], length 0
12:20:18.601083 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [S.], seq 3995705430, ack 3875404240, win 8192, options [mss
1380], length 0
12:20:18.601154 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:18.601282 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [P.], seq 1:61, ack 1, win 65535, length 60
12:20:18.615561 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 61, win 8192, length 0
12:20:18.616968 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [P.], seq 1:1025, ack 61, win 8192, length 1024
12:20:18.617038 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 1025, win 65535, length 0
12:20:18.625429 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [P.], seq 61:1147, ack 1025, win 65535, length 1086
12:20:18.647783 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 1147, win 8192, length 0
12:20:18.655313 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [P.], seq 1025:1072, ack 1147, win 8192, length 47
12:20:18.655389 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 1072, win 65535, length 0
12:20:18.655643 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [P.], seq 1147:1352, ack 1072, win 65535, length 205
12:20:18.694396 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 1352, win 8192, length 0
12:20:18.702518 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [P.], seq 1072:1393, ack 1352, win 8192, length 321
12:20:18.702583 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 1393, win 65535, length 0
12:20:18.702915 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [P.], seq 1352:1576, ack 1393, win 65535, length 224
12:20:18.721530 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 1576, win 8192, length 0
12:20:18.724336 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [P.], seq 1393:2442, ack 1576, win 8192, length 1049
12:20:18.724365 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 2442, win 65535, length 0
12:20:18.728120 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [P.], seq 2442:2591, ack 1576, win 8192, length 149
12:20:18.728183 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [.], ack 2591, win 65535, length 0
12:20:18.728263 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [P.], seq 1576:1603, ack 2591, win 65535, length 27
12:20:18.728342 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [F.], seq 1603, ack 2591, win 65535, length 0
12:20:18.728978 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [FP.], seq 2591, ack 1576, win 8192, length 0
12:20:18.728992 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [F.], seq 1603, ack 2592, win 65535, length 0
12:20:18.771409 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 1576, win 8192, length 0
12:20:18.771414 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [.], ack 1576, win 8192, length 0
12:20:18.771465 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [FP.], seq 1576:1603, ack 2592, win 65535, length 27
12:20:19.740257 IP 192.168.1.100.54964 > vpn.mycompany.com.https:
Flags [FP.], seq 1576:1603, ack 2592, win 65535, length 27
12:20:19.760490 IP vpn.mycompany.com.https > 192.168.1.100.54964:
Flags [R], seq 3995708022, win 8192, length 0
12:20:32.256530 IP 192.168.1.100.54954 > vpn.mycompany.com.https:
Flags [FP.], seq 676:703, ack 1475, win 65535, length 27
12:20:36.089459 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [S], seq 1733500268, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060348 ecr 0,sackOK,eol], length 0
12:20:36.106647 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [S.], seq 550699935, ack 1733500269, win 8192, options [mss
1380], length 0
12:20:36.106689 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:36.106847 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 1:93, ack 1, win 65535, length 92
12:20:36.125834 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 93, win 8192, length 0
12:20:36.125862 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 1:127, ack 93, win 8192, length 126
12:20:36.125883 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 127, win 65535, length 0
12:20:36.126385 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 93:140, ack 127, win 65535, length 47
12:20:36.148046 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 140, win 8192, length 0
12:20:36.148137 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 140:496, ack 127, win 65535, length 356
12:20:36.169853 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 496, win 8192, length 0
12:20:36.177141 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 127:864, ack 496, win 8192, length 737
12:20:36.177189 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 864, win 65535, length 0
12:20:36.178151 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 496:983, ack 864, win 65535, length 487
12:20:36.195746 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 983, win 8192, length 0
12:20:36.196261 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 864:1913, ack 983, win 8192, length 1049
12:20:36.196318 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 1913, win 65535, length 0
12:20:36.198001 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 1913:2962, ack 983, win 8192, length 1049
12:20:36.198077 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 2962, win 65535, length 0
12:20:36.198281 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 2962:4011, ack 983, win 8192, length 1049
12:20:36.198336 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 4011, win 65535, length 0
12:20:36.198706 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 4011:5060, ack 983, win 8192, length 1049
12:20:36.198752 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 5060, win 65535, length 0
12:20:36.199105 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 5060:6109, ack 983, win 8192, length 1049
12:20:36.199139 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 6109, win 65535, length 0
12:20:36.200862 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 6109:7158, ack 983, win 8192, length 1049
12:20:36.200919 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 7158, win 65535, length 0
12:20:36.203464 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 7158:8207, ack 983, win 8192, length 1049
12:20:36.203505 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 8207, win 65535, length 0
12:20:36.203843 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 8207:9140, ack 983, win 8192, length 933
12:20:36.203903 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 9140, win 65535, length 0
12:20:36.204241 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 983:1471, ack 9140, win 65535, length 488
12:20:36.229103 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 1471, win 8192, length 0
12:20:36.231108 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [P.], seq 9140:9261, ack 1471, win 8192, length 121
12:20:36.231149 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 9261, win 65535, length 0
12:20:36.231268 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [P.], seq 1471:1498, ack 9261, win 65535, length 27
12:20:36.231308 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [F.], seq 1498, ack 9261, win 65535, length 0
12:20:36.231796 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [S], seq 3616133424, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060349 ecr 0,sackOK,eol], length 0
12:20:36.256469 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 1498, win 8192, length 0
12:20:36.256499 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 1499, win 8192, length 0
12:20:36.256533 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [F.], seq 1498, ack 9261, win 65535, length 0
12:20:36.256573 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 9261, win 65535, length 0
12:20:36.257302 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [S.], seq 446283481, ack 3616133425, win 8192, options [mss
1380], length 0
12:20:36.257361 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:36.257556 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 1:93, ack 1, win 65535, length 92
12:20:36.257698 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [FP.], seq 9261, ack 1499, win 8192, length 0
12:20:36.257748 IP 192.168.1.100.54974 > vpn.mycompany.com.https:
Flags [.], ack 9262, win 65535, length 0
12:20:36.271818 IP vpn.mycompany.com.https > 192.168.1.100.54974:
Flags [.], ack 1499, win 8192, length 0
12:20:36.280949 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 93, win 8192, length 0
12:20:36.280982 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 1:127, ack 93, win 8192, length 126
12:20:36.281034 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 127, win 65535, length 0
12:20:36.281308 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 93:140, ack 127, win 65535, length 47
12:20:36.299883 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 140, win 8192, length 0
12:20:36.299961 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 140:627, ack 127, win 65535, length 487
12:20:36.315984 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 627, win 8192, length 0
12:20:36.316337 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 127:1176, ack 627, win 8192, length 1049
12:20:36.316374 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 1176, win 65535, length 0
12:20:36.317202 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 1176:2225, ack 627, win 8192, length 1049
12:20:36.317246 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 2225, win 65535, length 0
12:20:36.317746 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 2225:3274, ack 627, win 8192, length 1049
12:20:36.317810 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 3274, win 65535, length 0
12:20:36.318293 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 3274:4323, ack 627, win 8192, length 1049
12:20:36.318361 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 4323, win 65535, length 0
12:20:36.318871 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 4323:5372, ack 627, win 8192, length 1049
12:20:36.318934 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 5372, win 65535, length 0
12:20:36.324035 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 5372:6421, ack 627, win 8192, length 1049
12:20:36.324077 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 6421, win 65535, length 0
12:20:36.325204 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 6421:7470, ack 627, win 8192, length 1049
12:20:36.325259 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 7470, win 65535, length 0
12:20:36.325595 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 7470:8253, ack 627, win 8192, length 783
12:20:36.325610 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 8253, win 65535, length 0
12:20:36.325872 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 627:1115, ack 8253, win 65535, length 488
12:20:36.345905 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 1115, win 8192, length 0
12:20:36.346631 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 8253:8395, ack 1115, win 8192, length 142
12:20:36.346655 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 8395, win 65535, length 0
12:20:36.346989 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 1115:1611, ack 8395, win 65535, length 496
12:20:36.367203 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 1611, win 8192, length 0
12:20:36.368408 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [P.], seq 8395:8572, ack 1611, win 8192, length 177
12:20:36.368479 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 8572, win 65535, length 0
12:20:36.582802 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [S], seq 23323294, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060353 ecr 0,sackOK,eol], length 0
12:20:36.594739 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [S.], seq 4218039093, ack 23323295, win 8192, options [mss
1380], length 0
12:20:36.594774 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:36.596063 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [P.], seq 1:65, ack 1, win 65535, length 64
12:20:36.616774 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [.], ack 65, win 8192, length 0
12:20:36.617011 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [P.], seq 1:1025, ack 65, win 8192, length 1024
12:20:36.617042 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [.], ack 1025, win 65535, length 0
12:20:36.617460 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [P.], seq 65:72, ack 1025, win 65535, length 7
12:20:36.617577 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [F.], seq 72, ack 1025, win 65535, length 0
12:20:36.617679 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [S], seq 1434024797, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060353 ecr 0,sackOK,eol], length 0
12:20:36.633318 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [.], ack 72, win 8192, length 0
12:20:36.633323 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [FP.], seq 1025, ack 72, win 8192, length 0
12:20:36.633383 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [F.], seq 72, ack 1025, win 65535, length 0
12:20:36.633424 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [F.], seq 72, ack 1026, win 65535, length 0
12:20:36.633457 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [.], ack 73, win 8192, length 0
12:20:36.633484 IP 192.168.1.100.54977 > vpn.mycompany.com.https:
Flags [.], ack 1026, win 65535, length 0
12:20:36.634324 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [S.], seq 152462263, ack 1434024798, win 8192, options [mss
1380], length 0
12:20:36.634388 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:36.634506 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 1:65, ack 1, win 65535, length 64
12:20:36.645198 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [.], ack 73, win 8192, length 0
12:20:36.651503 IP vpn.mycompany.com.https > 192.168.1.100.54977:
Flags [.], ack 73, win 8192, length 0
12:20:36.654826 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 65, win 8192, length 0
12:20:36.655398 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1:1025, ack 65, win 8192, length 1024
12:20:36.655516 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1025, win 65535, length 0
12:20:36.656345 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 65:263, ack 1025, win 65535, length 198
12:20:36.674990 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 263, win 8192, length 0
12:20:36.676538 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1025:1072, ack 263, win 8192, length 47
12:20:36.676589 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1072, win 65535, length 0
12:20:36.676789 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 263:549, ack 1072, win 65535, length 286
12:20:36.693863 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 549, win 8192, length 0
12:20:36.697054 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1072:1287, ack 549, win 8192, length 215
12:20:36.697110 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1287, win 65535, length 0
12:20:36.697210 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1287:1380, ack 549, win 8192, length 93
12:20:36.697251 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1380, win 65535, length 0
12:20:36.697373 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1380:1412, ack 549, win 8192, length 32
12:20:36.697404 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1412, win 65535, length 0
12:20:36.741962 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 549:792, ack 1412, win 65535, length 243
12:20:36.765536 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 792, win 8192, length 0
12:20:36.765742 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1412:1750, ack 792, win 8192, length 338
12:20:36.765789 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1750, win 65535, length 0
12:20:36.766764 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 792:1081, ack 1750, win 65535, length 289
12:20:36.785302 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 1081, win 8192, length 0
12:20:36.787790 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1750:1965, ack 1081, win 8192, length 215
12:20:36.787821 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 1965:2058, ack 1081, win 8192, length 93
12:20:36.787866 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 1965, win 65535, length 0
12:20:36.787905 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 2058, win 65535, length 0
12:20:36.788278 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [P.], seq 2058:2090, ack 1081, win 8192, length 32
12:20:36.788297 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 2090, win 65535, length 0
12:20:36.789205 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [P.], seq 1081:1108, ack 2090, win 65535, length 27
12:20:36.789247 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [F.], seq 1108, ack 2090, win 65535, length 0
12:20:36.805811 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 1108, win 8192, length 0
12:20:36.805816 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 1109, win 8192, length 0
12:20:36.805889 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [F.], seq 1108, ack 2090, win 65535, length 0
12:20:36.805911 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 2090, win 65535, length 0
12:20:36.806013 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [FP.], seq 2090, ack 1109, win 8192, length 0
12:20:36.806026 IP 192.168.1.100.54978 > vpn.mycompany.com.https:
Flags [.], ack 2091, win 65535, length 0
12:20:36.818231 IP vpn.mycompany.com.https > 192.168.1.100.54978:
Flags [.], ack 1109, win 8192, length 0
12:20:37.001393 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [S], seq 826985517, win 65535, options [mss 1460,nop,wscale
3,nop,nop,TS val 560060357 ecr 0,sackOK,eol], length 0
12:20:37.019579 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [S.], seq 715852496, ack 826985518, win 8192, options [mss
1380], length 0
12:20:37.019627 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [.], ack 1, win 65535, length 0
12:20:37.020048 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [P.], seq 1:61, ack 1, win 65535, length 60
12:20:37.036620 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 61, win 8192, length 0
12:20:37.037014 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [P.], seq 1:1025, ack 61, win 8192, length 1024
12:20:37.037039 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [.], ack 1025, win 65535, length 0
12:20:37.114578 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [P.], seq 61:259, ack 1025, win 65535, length 198
12:20:37.130078 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 259, win 8192, length 0
12:20:37.132345 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [P.], seq 1025:1072, ack 259, win 8192, length 47
12:20:37.132397 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [.], ack 1072, win 65535, length 0
12:20:37.132875 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [P.], seq 259:885, ack 1072, win 65535, length 626
12:20:37.154141 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 885, win 8192, length 0
12:20:37.156021 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [P.], seq 1072:1761, ack 885, win 8192, length 689
12:20:37.156047 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [.], ack 1761, win 65535, length 0
12:20:39.362390 IP 192.168.1.100.64134 > vpn.mycompany.com.https: UDP, length 99
12:20:39.380738 IP vpn.mycompany.com.https > 192.168.1.100.64134: UDP, length 28
12:20:39.380930 IP 192.168.1.100.64134 > vpn.mycompany.com.https: UDP, length 99
12:20:39.397862 IP vpn.mycompany.com.https > 192.168.1.100.64134: UDP,
length 188
12:20:39.398255 IP 192.168.1.100.64134 > vpn.mycompany.com.https: UDP, length 93
12:20:39.430862 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [P.], seq 1611:1638, ack 8572, win 65535, length 27
12:20:39.430942 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [F.], seq 1638, ack 8572, win 65535, length 0
12:20:39.448277 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 1638, win 8192, length 0
12:20:39.448329 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [F.], seq 1638, ack 8572, win 65535, length 0
12:20:39.448420 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [.], ack 1639, win 8192, length 0
12:20:39.448454 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 8572, win 65535, length 0
12:20:39.448762 IP vpn.mycompany.com.https > 192.168.1.100.54975:
Flags [FP.], seq 8572, ack 1639, win 8192, length 0
12:20:39.448799 IP 192.168.1.100.54975 > vpn.mycompany.com.https:
Flags [.], ack 8573, win 65535, length 0
12:20:43.119769 IP 192.168.1.100.64134 > vpn.mycompany.com.https: UDP, length 61
12:20:43.120728 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [P.], seq 885:971, ack 1761, win 65535, length 86
12:20:43.120805 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [P.], seq 971:998, ack 1761, win 65535, length 27
12:20:43.120821 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [F.], seq 998, ack 1761, win 65535, length 0
12:20:43.139655 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 971, win 8192, length 0
12:20:43.139688 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [F.], seq 998, ack 1761, win 65535, length 0
12:20:43.141935 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 998, win 8192, length 0
12:20:43.141949 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [F.], seq 998, ack 1761, win 65535, length 0
12:20:43.145763 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [.], ack 999, win 8192, length 0
12:20:43.145824 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [P.], seq 1761:1809, ack 999, win 8192, length 48
12:20:43.146049 IP vpn.mycompany.com.https > 192.168.1.100.54981:
Flags [FP.], seq 1809, ack 999, win 8192, length 0
12:20:43.146408 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [.], ack 1761, win 65535, length 0
12:20:43.146427 IP 192.168.1.100.54981 > vpn.mycompany.com.https:
Flags [R], seq 826986516, win 0, length 0
Here's the tcpdump of the failed openconnect session:
12:34:01.695690 IP 192.168.1.100.53539 > vpn.mycompany.com.https: S
2360598965:2360598965(0) win 5840 <mss 1460,sackOK,timestamp 822967
0,nop,wscale 7>
12:34:01.710685 IP vpn.mycompany.com.https > 192.168.1.100.53539: S
2523350849:2523350849(0) ack 2360598966 win 8192 <mss 1380>
12:34:01.710730 IP 192.168.1.100.53539 > vpn.mycompany.com.https: .
ack 1 win 5840
12:34:01.778328 IP 192.168.1.100.53539 > vpn.mycompany.com.https: P
1:112(111) ack 1 win 5840
12:34:01.792094 IP vpn.mycompany.com.https > 192.168.1.100.53539: .
ack 112 win 8192
12:34:01.792197 IP vpn.mycompany.com.https > 192.168.1.100.53539: P
1:865(864) ack 112 win 8192
12:34:01.792214 IP 192.168.1.100.53539 > vpn.mycompany.com.https: .
ack 865 win 6912
12:34:01.813671 IP 192.168.1.100.53539 > vpn.mycompany.com.https: P
112:298(186) ack 865 win 6912
12:34:01.826095 IP vpn.mycompany.com.https > 192.168.1.100.53539: .
ack 298 win 8192
12:34:01.827860 IP vpn.mycompany.com.https > 192.168.1.100.53539: P
865:912(47) ack 298 win 8192
12:34:01.828111 IP 192.168.1.100.53539 > vpn.mycompany.com.https: P
298:500(202) ack 912 win 6912
12:34:01.842259 IP vpn.mycompany.com.https > 192.168.1.100.53539: .
ack 500 win 7990
12:34:01.842980 IP vpn.mycompany.com.https > 192.168.1.100.53539: .
ack 500 win 8192
12:34:01.844777 IP vpn.mycompany.com.https > 192.168.1.100.53539: P
912:1112(200) ack 500 win 8192
12:34:01.844923 IP vpn.mycompany.com.https > 192.168.1.100.53539: P
1112:1291(179) ack 500 win 8192
12:34:01.844934 IP vpn.mycompany.com.https > 192.168.1.100.53539: P
1291:1323(32) ack 500 win 8192
12:34:01.845327 IP 192.168.1.100.53539 > vpn.mycompany.com.https: .
ack 1323 win 10368
12:34:01.846101 IP 192.168.1.100.53539 > vpn.mycompany.com.https: F
500:500(0) ack 1323 win 10368
12:34:01.864047 IP vpn.mycompany.com.https > 192.168.1.100.53539: .
ack 501 win 8192
12:34:01.864091 IP vpn.mycompany.com.https > 192.168.1.100.53539: FP
1323:1323(0) ack 501 win 8192
12:34:01.864108 IP 192.168.1.100.53539 > vpn.mycompany.com.https: .
ack 1324 win 10368
If there's anything else I can provide to help debug the situation,
please let me know. I would love to use openconnect, as all of our
linux machines are 64bit and anyconnect is a pain to get working in
64bit environs.
Thanks,
James
>
> --
> dwmw2
>
>
> _______________________________________________
> openconnect-devel mailing list
> openconnect-devel at lists.infradead.org
> http://bombadil.infradead.org/mailman/listinfo/openconnect-devel
>
More information about the openconnect-devel
mailing list