Problems maintaining openconnect VPN ... looks like MTU issue

David Woodhouse dwmw2 at infradead.org
Wed May 8 02:24:05 EDT 2013


On Tue, 2013-05-07 at 16:55 -0700, James Bottomley wrote:
> 2013-05-07T16:06:20.168218-07:00 dabdike openconnect[31278]: SSL wrote too few bytes! Asked for 654, sent 0
> 2013-05-07T16:06:20.171367-07:00 dabdike openconnect[31278]: Send BYE packet: Internal error
> 2013-05-07T16:06:20.172621-07:00 dabdike openconnect[31278]: SSL_write failed: 1

That looks like the one I fixed in commit fddb099d?

> The DTLS handshake failed looks like a red herring because that fills my
> logs even if the connection is successful:

What version of OpenSSL (or GnuTLS) are you using for DTLS support? Some
recent versions of OpenSSL are known to be broken. If you build against
GnuTLS new enough to have Cisco DTLS support, that's best.

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130508/e043b69f/attachment.bin>


More information about the openconnect-devel mailing list