Problem with establishing VPN connections with client

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Thu Nov 14 10:41:57 EST 2013


On Thu, Nov 14, 2013 at 3:11 PM, Tony Zhou <tonytzhou at gmail.com> wrote:
> Hi all,
> I have problems making various clients connecting to the ocserv. So far none
> of the clients are able to successfully make a VPN connection. Platform:
> Debian 7, ocserv 2.1
>
> Tried with Android (Anyconnect ICS+), it can successfully authenticate, but
> after accepting the banner client will prompt "The required license for this
> type of VPN client is not available on the secure gateway. Please contact
> your network administrator." I guess it's just Cisco does not like the idea
> of 3rd party server that can accept Anyconnect Client connections? ;-) Fair
> enough. Here's the log:

I've noticed that too about the client. As I understood one would need
to add some cisco license into the server headers so a solution is
probably impossible.
However you may want to try Kevin's android client which is based on
openconnect:
https://github.com/cernekee/ics-openvpn


> Somehow it started authentication, but immediately closed the socket and
> deinited.
> Tried with some other clients, including SmoothConnect (Android 3rd party
> client connecting to Cisco ASA) and HP webOS, but none of them works. Don't
> have the log at hand at this moment...
> Any suggestions will be appreciated.

Did you enable the specific options for anyconnect in the configuration file?
The anyconnect clients download some special policy etc files from the
server that may not have been there in ocserv. Unfortunately they much
differ on the requests they make on every version. You may want to
check the client's log as well for clues of what failed.

regards,
Nikos



More information about the openconnect-devel mailing list