Routing doesn't work on Ubuntu 14.04

Andreas Profous andreas at profous.de
Thu Feb 13 04:28:49 EST 2014


Hi,

I'm struggling to connect to a company running Cisco VPN using
openconnect in a virtual machine running Ubuntu 14.04.

Version of openconnect:
----
vagrant@vagrant-ubuntu-trusty-64:~$ openconnect --version
OpenConnect version v5.02
Using GnuTLS. Features present: PKCS#11, TOTP software token, DTLS (using OpenSSL)
----

Here's how I invoke it:
----
vagrant@vagrant-ubuntu-trusty-64:~$ cat ./company-vpn.sh
PWD="<my password>"
echo $PWD | sudo openconnect --authgroup=company -u profous.andreas --passwd-on-stdin --no-cert-check --script=/home/vagrant/vpnc-script webvpn.company.de
----

The vpnc script is directly taken from
http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script


What I get is the following output (I changed the IPs and hostnames):
----
vagrant@vagrant-ubuntu-trusty-64:~$ sudo ./company-vpn.sh
POST https://webvpn.company.de/
Attempting to connect to server 71.111.1.1:443
SSL negotiation with webvpn.company.de
Connected to HTTPS on webvpn.company.de
Got HTTP response: HTTP/1.0 302 Temporary moved
GET https://webvpn.company.de/
Attempting to connect to server 71.111.1.1:443
SSL negotiation with webvpn.company.de
Connected to HTTPS on webvpn.company.de
Got HTTP response: HTTP/1.0 302 Temporary moved
GET https://webvpn.company.de/+webvpn+/index.html
SSL negotiation with webvpn.company.de
Connected to HTTPS on webvpn.company.de
company Cruises WebVPN Remote Access
Please enter your username and password.
POST https://webvpn.company.de/+webvpn+/index.html
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 180, Keepalive 30
Connected tun0 as 10.111.11.111, using SSL
Established DTLS connection (using OpenSSL)
----

That's it, it just hangs there. In another thread I've read that the
issue is with the routing, i.e. that the actual VPN connection has
actually been established. But I don't know how to fix this. Moreover,
with the *exact* same setup, the VPN connection on Mac OS X Mavericks
works just fine.

Does anyone have an idea?

Cheers,
Andreas


