Connecting to work VPN

Keith Moyer openconnect-devel at keithmoyer.com
Sat Nov 6 00:55:33 EDT 2010


My work is currently transitioning from a Cisco IPSEC VPN system to a
Cisco AnyConnect VPN system.  I have grown very fond of having an
open-source client with Network Manager integration in vpnc and would
love to continue that with openconnect.

Unfortunately, when I try to connect with openconnect, I end up getting
"AnyConnect is not enabled on the VPN server" errors (XML shows that
it's error 89) after entering my password.  Doing a little research, I see
that this may indicate a version mismatch between client and server (the
AnyConnect client deployed for Windows is version 2.5).

Checking the csd logs, I don't see anything to indicate an error there
(there are some "failed to initialize mozilla certificates" warnings at
the end, though). I've also manually downloaded the CSD binary and run
it directly, passing in the token, ticket, group, host, and debug=all
and got similar results.  I added some debug output to my openconnect
client, and the XML received does advertise this binary as a Linux
option.  Also, I noticed that the POST request only sends the group,
user, and password.  Does it not need to send the "ticket" and "token"?

I am a professional software engineer, so I can handle some debugging
and coding, but I'm new to this protocol.  Any ideas on what I can do to
work on getting this to work?

Sorry if this is a bit rambling; I'm not sure what information you guys
would need.

Thanks!

- Keith


