Unable to connect from AnyConnect 3.0 and 3.1 Windows Clients to ocserv 0.2.4 and git head
Thomas Glanzmann
thomas at glanzmann.de
Sat Jan 11 18:32:23 EST 2014
Hello everyone,
here is another trace from an IOS router:
POST / HTTP/1.1
Cache-Control: no-cache
Connection: close
Pragma: no-cache
Host: lync.gmvl.de
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
Content-Length: 564
<?xml version="1.0" encoding="UTF-8"?>
<config-auth client="vpn" type="init" aggregate-auth-version="2">
<version who="vpn">3.1.05152</version>
<device-id device-type="Intel Pentium Processors= 4 x86" platform-version="6.1.7601 Service Pack 1" unique-id="B2B563176DCDE1E541C743464446CCC939B98C0E8CD59E8752E8B2814411EEBA">win</device-id>
<mac-address-list>
<mac-address>00-24-d7-11-74-00</mac-address>
<mac-address>00-26-2d-fc-e4-1e</mac-address></mac-address-list>
<group-select>full</group-select>
<group-access>https://lync.gmvl.de</group-access>
</config-auth>
HTTP/1.1 303 See Other
Content-Type: text/html
Content-Length: 0
Location: https://lync.gmvl.de:443/webvpn.html
Set-Cookie: webvpncontext=00 at tonline; path=/; Secure
Connection: Keep-Alive
GET /webvpn.html HTTP/1.1
Cache-Control: no-cache
Connection: close
Pragma: no-cache
Cookie: webvpncontext=00 at tonline;
Host: lync.gmvl.de:443
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
HTTP/1.1 200 OK
Cache-Control: max-age=0
Content-Type: text/html
Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpncontext=00 at tonline; path=/; Secure
X-Transcend-Version: 1
Content-Length: 473
Connection: close
<?xml version="1.0" encoding="UTF-8"?>
<auth id="main">
<title>Default Customization</title>
<message>Please enter your username and password.</message>
<form method="post" action="webvpn.html">
<input type="text" label="USERNAME:" name="username" value="" />
<input type="password" label="PASSWORD:" name="password" value="" />
<input type="submit" name="Login" value="Login" />
<input type="reset" name="Clear" value="Clear" />
</form>
</auth>
POST /webvpn.html HTTP/1.1
Cache-Control: no-cache
Connection: Close
Pragma: no-cache
Cookie: webvpncontext=00 at tonline;
Host: lync.gmvl.de:443
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
Content-Length: 37
password=password&username=sithglan
HTTP/1.1 200 OK
Cache-Control: max-age=0
Content-Type: text/html
Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; path=/; Secure
Set-Cookie: webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&; path=/; Secure
X-Transcend-Version: 1
Content-Length: 130
Connection: close
<?xml version="1.0" encoding="UTF-8"?><auth id="success"><title>SSL VPN Service</title><message>Success</message><success/></auth>
GET /CACHE/webvpn/stc/1/index.html HTTP/1.1
Cache-Control: no-cache
Connection: Close
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&;
Host: lync.gmvl.de:443
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
HTTP/1.1 200 OK
Server: cisco-IOS
Connection: close
Content-Length: 5548
Content-Type: text/html
Cache-Control: max-age=0
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css" />
<meta name="expires" content="Sat, 01 Jan 2000 24:00:00 GMT"/>
<title>Installation</title>
<script type="text/javascript" language="JavaScript1.1" src="binaries/pkginit.js"></script>
<script type="text/javascript" language="JavaScript1.1" src="binaries/main.js"></script>
<script type="text/javascript" language="JavaScript1.1" src="strings.js"></script>
<script type="text/javascript" language="JavaScript1.1">
function openTipsWindow() {
var x = 310;
window.open('tips.htm', 'tips',
'width=' + x + ',scrollbars=yes,toolbar=no,directories=no,' +
'status=no,menubar=no,top=0,screenY=0,resizable,' +
'left=' + (screen.width - x) + ',screenX=' + (screen.width - x));
}
< 2014/01/11 23:10:19.190547 length=1016 from=1016 to=2031
function skipToManualInstall() {
iStatus=-70;
Launch();
}
// preload images
var preloadedImgs = new Array();
preloadedImgs[0] = new Image(100, 75);
preloadedImgs[0].src = "images/company-logo.png";
preloadedImgs[1] = new Image(24, 24);
preloadedImgs[1].src = "images/anyconnect-24.png";
preloadedImgs[2] = new Image(160, 67);
preloadedImgs[2].src = "images/buttons.gif";
preloadedImgs[3] = new Image(282, 88);
preloadedImgs[3].src = "images/infobar.gif";
preloadedImgs[3] = new Image(172, 14);
preloadedImgs[3].src = "images/loading.gif";
preloadedImgs[4] = new Image(498,75);
preloadedImgs[4].src = "images/header.jpg";
</script>
</head>
<body onload='loadPackage();'>
<div align="center">
<table width="500" border="0" cellpadding="0" cellspacing="0" class="cuesHeaderBg wizard">
<tr>
<td colspan="2" style="border-bottom: 1px solid #666666;" class="cuesHeaderTitleLogo">
<img id="companylogo" src="images/company-logo.png" align="absmiddle" title="Cisco Logo" alt="Cisco Logo" width="100" height="75">AnyConnect Secure Mobility Client
</td>
</tr>
<tr>
<td class="cuesWizardStepPanel">
<table border="0" cellpadding="0" cellspacing="0" class="wizard-steps-title">
<tr>
<td class="cuesWizardIcon">
<img src="images/anyconnect-24.png" border="0" alt="AnyConnect Icon" title="AnyConnect Icon" width="24" height="24" />
</td>
<td class="cuesWizardTitle">WebLaunch</td>
</tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="100%" class="wizard-steps">
<tr>
<td id="state1no" class="cuesWizardStepSelectedNo"><input id="state1check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state1dash" class="cuesWizardStepSelectedDash">-</td>
<td id="state1phase" class="cuesWizardStepSelected">Platform Detection</td>
</tr>
<tr>
<td id="state10no" class="cuesWizardStepFutureNo"><input id="state10check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state10dash" class="cuesWizardStepFutureDash">-</td>
<td id="state10phase" class="cuesWizardStepFuture">ActiveX</td>
</tr>
<tr>
<td id="state20no" class="cuesWizardStepFutureNo"><input id="state20check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state20dash" class="cuesWizardStepFutureDash">-</td>
<td id="state20phase"class="cuesWizardStepFuture">Java Detection</td>
</tr>
<tr>
<td id="state40no" class="cuesWizardStepFutureNo"><input id="state40check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state40dash" class="cuesWizardStepFutureDash">-</td>
<td id="state40phase" class="cuesWizardStepFuture">Java</td>
</tr>
<tr>
<td id="state70no" class="cuesWizardStepFutureNo"><input id="state70check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state70dash" class="cuesWizardStepFutureDash">-</td>
<td id="state70phase" class="cuesWizardStepFuture">Download</td>
</tr>
<tr>
<td id="state100no" class="cuesWizardStepFutureNo"><input id="state100check" type="checkbox" tabindex="-1" disabled="true"/></td>
<td id="state100dash" class="cuesWizardStepFutureDash">-</td>
<td id="state100phase" class="cuesWizardStepFuture">Connected</td>
</tr>
</table>
</td>
<td class="cuesWizardContent">
<div id="cuesWizardStepTitle">Platform Detection</div>
<div id="cuesWizardContentBody" style="height:180">
<div id="idDivMessage" name="idDivMessage">The installer is detecting your operating system and CPU. Please wait...</div>
</div>
<div id="cuesWizardContentNavButtons">
<input id="helpButton" type="Submit" value="Help" class="cuesButton" onclick="openTipsWindow(); return false" onkeypress="openTipsWindow(); return false"/>
<input id="manualInstallButton" type="button" value="Download" class="cuesWizardCancelButton" onclick="skipToManualInstall(); return false" onkeypress="skipToManualInstall(); return false"/>
</div>
</td>
</tr>
</table>
</div>
<iframe id="idiFrameMain" name="idiFrameMain" border="0" src="empty.html" width="20" height="0" MarginHeight="0" MarginWidth="0" FrameBorder="0"></iframe>
<div id="idDivMain" name="idDivMain" style="position:relative"></div>
</body>
</html>
GET /CACHE/webvpn/stc/1/Windows HTTP/1.1
Cache-Control: no-cache
Connection: Close
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&;
Host: lync.gmvl.de:443
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
HTTP/1.1 200 OK
Server: cisco-IOS
Connection: close
Content-Length: 0
Cache-Control: max-age=0
GET /CACHE/webvpn/stc/1/binaries/update.txt HTTP/1.1
Cache-Control: no-cache
Connection: Close
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&;
Host: lync.gmvl.de:443
User-Agent: AnyConnect Windows 3.1.05152
X-Transcend-Version: 1
X-Aggregate-Auth: 1
X-AnyConnect-Platform: win
HTTP/1.1 200 OK
Server: cisco-IOS
Connection: close
Content-Length: 11
Content-Type: text/plain
Cache-Control: max-age=0
3,1,05152
GET /CACHE/webvpn/stc/1/VPNManifest.xml HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;
Host: lync.gmvl.de
User-Agent: AnyConnect Downloader 3.1.05152
HTTP/1.1 200 OK
Server: cisco-IOS
Content-Length: 1727
Content-Type: text/xml
Cache-Control: max-age=0
<?xml version="1.0" encoding="UTF-8"?>
<vpn rev="1.0">
<file version="3.1.05152" id="VPNCore" is_core="yes" type="exe" action="install">
<uri>binaries/anyconnect-win-3.1.05152-web-deploy-k9.exe</uri>
<display-name>AnyConnect Secure Mobility Client</display-name>
</file>
<file version="3.1.05152" id="gina" is_core="no" type="exe" action="install" module="vpngina">
<uri>binaries/anyconnect-gina-win-3.1.05152-web-deploy-k9.exe</uri>
<display-name>AnyConnect SBL</display-name>
</file>
<file version="3.1.05152" id="DART" is_core="no" type="msi" action="install" module="dart">
<uri>binaries/anyconnect-dart-win-3.1.05152-k9.msi</uri>
<display-name>AnyConnect DART</display-name>
</file>
<file version="3.1.05152" id="NAM" is_core="no" type="msi" action="install" module="nam">
<uri>binaries/anyconnect-nam-win-3.1.05152-k9.msi</uri>
<display-name>AnyConnect Network Access Manager</display-name>
</file>
<file version="3.1.05152" id="WebSecurity" is_core="no" type="exe" action="install" module="websecurity">
<uri>binaries/anyconnect-websecurity-win-3.1.05152-web-deploy-k9.exe</uri>
<display-name>AnyConnect Web Security</display-name>
</file>
<file version="3.1.05152" id="Posture" is_core="no" type="msi" action="install" module="posture">
<uri>binaries/anyconnect-posture-win-3.1.05152-web-deploy-k9.msi</uri>
<display-name>AnyConnect Posture</display-name>
</file>
<file version="3.1.05152" id="Telemetry" is_core="no" type="exe" action="install" module="telemetry">
<uri>binaries/anyconnect-telemetry-win-3.1.05152-web-deploy-k9.exe</uri>
<display-name>AnyConnect Telemetry</display-name>
</file>
</vpn>
GET /+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;
Host: lync.gmvl.de
User-Agent: AnyConnect Downloader 3.1.05152
HTTP/1.1 404 Not Found
Date: Sat, 11 Jan 2014 22:10:21 GMT
Content-Length: 0
Content-Type: text/html
Connection: Keep-Alive
GET /+CSCOT+/translation-table?type=mst-manifest&textdomain=AnyConnect HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;
Host: lync.gmvl.de
User-Agent: AnyConnect Downloader 3.1.05152
HTTP/1.1 404 Not Found
Date: Sat, 11 Jan 2014 22:10:21 GMT
Content-Length: 0
Content-Type: text/html
Connection: Keep-Alive
GET /+CSCOT+/oem-customization?app=AnyConnect&type=manifest&platform=win HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;
Host: lync.gmvl.de
User-Agent: AnyConnect Downloader 3.1.05152
HTTP/1.1 404 Not Found
Date: Sat, 11 Jan 2014 22:10:21 GMT
Content-Length: 0
Content-Type: text/html
Connection: Keep-Alive
CONNECT /CSCOSSLC/tunnel HTTP/1.1
Host: lync.gmvl.de
User-Agent: Cisco AnyConnect VPN Agent for Windows 3.1.05152
Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline
X-CSTP-Version: 1
X-CSTP-Hostname: lenovo
X-CSTP-MTU: 1299
X-CSTP-Address-Type: IPv6,IPv4
X-CSTP-Local-Address-IP4: 192.168.0.249
X-CSTP-Base-MTU: 1400
X-CSTP-Remote-Address-IP4: 1.2.3.4
X-CSTP-Full-IPv6-Capability: true
X-DTLS-Master-Secret: secret
X-DTLS-CipherSuite: AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA
X-DTLS-Accept-Encoding: lzs
X-DTLS-Header-Pad-Length: 0
X-CSTP-Accept-Encoding: lzs,deflate
X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.
HTTP/1.1 200 OK
Server: Cisco IOS SSLVPN
X-CSTP-Version: 1
X-CSTP-Address: 10.50.0.2
X-CSTP-Netmask: 255.255.255.0
X-CSTP-Keep: true
X-CSTP-DNS: 8.8.8.8
X-CSTP-NBNS: 1.2.3.4
X-CSTP-Lease-Duration: 43200
X-CSTP-MTU: 1299
X-CSTP-Default-Domain: gmvl.de
X-CSTP-Split-Exclude: 0.0.0.0/255.255.255.255
X-CSTP-Rekey-Time: 3600
X-CSTP-Rekey-Method: new-tunnel
X-CSTP-DPD: 3600
X-CSTP-Disconnected-Timeout: 2100
X-CSTP-Idle-Timeout: 2100
X-CSTP-Session-Timeout: 0
X-CSTP-Keepalive: 30
X-DTLS-Session-ID: whatever
X-DTLS-Port: 443
X-DTLS-CipherSuite: AES256-SHA
X-DTLS-DPD: 3600
X-DTLS-KeepAlive: 30
X-DTLS-Rekey-Time: 3600
Cheers,
Thomas
More information about the openconnect-devel
mailing list