Unable to connect from AnyConnect Windows & Android Clients to ocserv 0.3
info at itnserver.com
info at itnserver.com
Fri Jan 24 00:22:16 EST 2014
HI All
I compiled ocserv and 0.3 on Fedora 64 Bit
But
Unable to connect from AnyConnect Windows & Android Clients to ocserv
0.3
Please help me
My Log :
ocserv[10211]: GnuTLS error (at worker-vpn.c:664): A TLS fatal alert has
been received.: Unknown certificate
ocserv[10209]: *.*.*.*:33542 main-misc.c:468: command socket closed
ocserv[10212]: *.*.*.*:33543 accepted connection
ocserv[10210]: sec-mod received request from pid 10212 and uid 0
ocserv[10212]: *.*.*.*:33543 sending message 'resume data store request'
to main
ocserv[10212]: *.*.*.*:33543 TLS handshake completed
ocserv[10209]: *.*.*.*:33543 main received message 'resume data store
request' of 258 bytes
ocserv[10209]: *.*.*.*:33543 TLS session DB storing
11745f92c875d2a74ec94326a5c22b927fc7359b37ece7def0fbe86c0396a101
ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android
3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188
ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */*
ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-ClientVersion: 3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform:
android
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-PlatformVersion: 4.1.1
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType:
rockchip ORIGIN A7
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-Device-UniqueID:
8A1D1CF69D6123EDD781EB6D1F4CF112944018BE
ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1
ocserv[10212]: *.*.*.*:33543 HTTP: Connection: close
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 326
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type:
application/x-www-form-urlencoded
ocserv[10212]: *.*.*.*:33543 HTTP POST /
ocserv[10212]: *.*.*.*:33543 POST body: '<?xml version="1.0"
encoding="UTF-8"?>
<config-auth client="vpn" type="init">
<device-id platform-version="4.1.1" device-type="rockchip ORIGIN A7"
unique-id="8A1D1CF69D6123EDD781EB6D1F4CF112944018BE">android</device-id>
<version who="vpn">3.0.09242</version>
<group-access>https://142.4.201.188/</group-access>
</config-auth>
'
ocserv[10212]: *.*.*.*:33543 cannot find username in client XML message
ocserv[10212]: *.*.*.*:33543 failed reading username
ocserv[10212]: *.*.*.*:33543 sent sid: FhxWoohQAeM9NL9g
ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android
3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188
ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */*
ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity
ocserv[10212]: *.*.*.*:33543 HTTP: Cookie:
webvpncontext=FhxWoohQAeM9NL9g
ocserv[10212]: *.*.*.*:33543 received sid: FhxWoohQAeM9NL9g
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-ClientVersion: 3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform:
android
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-PlatformVersion: 4.1.1
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType:
rockchip ORIGIN A7
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-Device-UniqueID:
8A1D1CF69D6123EDD781EB6D1F4CF112944018BE
ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 12
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type:
application/x-www-form-urlencoded
ocserv[10212]: *.*.*.*:33543 HTTP POST /auth
ocserv[10212]: *.*.*.*:33543 POST body: 'username=cmd'
ocserv[10212]: *.*.*.*:33543 updating SID
ocserv[10212]: *.*.*.*:33543 sending message 'auth init' to main
ocserv[10209]: *.*.*.*:33543 main received message 'auth init' of 25
bytes
ocserv[10209]: *.*.*.*:33543 auth init set SID to FhxWoohQAeM9NL9g
ocserv[10209]: *.*.*.*:33543 auth init for user 'cmd' from
'*.*.*.*:33543'
ocserv[10209]: *.*.*.*:33543 sending message 'auth reply' to worker
ocserv[10212]: *.*.*.*:33543 received auth reply message (value: 2)
ocserv[10212]: *.*.*.*:33543 continuing authentication for ''
ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android
3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188
ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */*
ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity
ocserv[10212]: *.*.*.*:33543 HTTP: Cookie:
webvpncontext=FhxWoohQAeM9NL9g
ocserv[10212]: *.*.*.*:33543 received sid: FhxWoohQAeM9NL9g
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-ClientVersion: 3.0.09242
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform:
android
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-PlatformVersion: 4.1.1
ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType:
rockchip ORIGIN A7
ocserv[10212]: *.*.*.*:33543 HTTP:
X-AnyConnect-Identifier-Device-UniqueID:
8A1D1CF69D6123EDD781EB6D1F4CF112944018BE
ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 22
ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type:
application/x-www-form-urlencoded
ocserv[10212]: *.*.*.*:33543 HTTP POST /auth
ocserv[10212]: *.*.*.*:33543 POST body: 'password=Command%40110'
ocserv[10212]: *.*.*.*:33543 sending message 'auth request' to main
ocserv[10209]: *.*.*.*:33543 main received message 'auth request' of 13
bytes
ocserv[10209]: *.*.*.*:33543 auth req for user 'cmd'
ocserv[10209]: *.*.*.*:33543 accepting user 'cmd'
ocserv[10209]: *.*.*.*:33543 auth deinit for user 'cmd'
ocserv[10209]: *.*.*.*:33543 No user configuration for 'cmd'
ocserv[10209]: *.*.*.*:33543 No group configuration for 'cmd'
ocserv[10209]: *.*.*.*:33543 selected IP for 'cmd': 10.10.10.86
ocserv[10209]: *.*.*.*:33543 assigned IPv4 to 'cmd': 10.10.10.87
ocserv[10209]: *.*.*.*:33543 assigning tun device vpns0
ocserv[10209]: *.*.*.*:33543 user 'cmd' of group 'cmd' authenticated
ocserv[10209]: *.*.*.*:33543 sending (socket) message 2 to worker
ocserv[10212]: *.*.*.*:33543 received auth reply message (value: 1)
ocserv[10212]: *.*.*.*:33543 user 'cmd' logged in
ocserv[10219]: *.*.*.*:33544 accepted connection
ocserv[10210]: sec-mod received request from pid 10219 and uid 0
ocserv[10219]: *.*.*.*:33544 sending message 'resume data store request'
to main
ocserv[10219]: *.*.*.*:33544 TLS handshake completedocserv[10209]:
*.*.*.*:33544 main received message 'resume data store request' of 258
bytes
ocserv[10209]: *.*.*.*:33544 TLS session DB storing
523a36cf8c88974058aeb0968cb97f4d55063ee7cfebd959aba78c2319f2f2e5
ocserv[10219]: *.*.*.*:33544 HTTP: User-Agent: AnyConnect Android
3.0.09242
ocserv[10219]: *.*.*.*:33544 HTTP: Host: 142.4.201.188
ocserv[10219]: *.*.*.*:33544 HTTP: Accept: */*
ocserv[10219]: *.*.*.*:33544 HTTP: Cookie:
webvpn=BOOmbLR8/PR3409+pc8fh6Ejm3obaoZe0SY/W1Z/1im68xNU9T2Mp4AnzzkC82sS0//klcWZBt3BI8o0Zz6rx2i1AVARTZlsBCbzwzCHeEz3V8KSEhRJbc/OiZWQ1tNFz6v9l9BgfNd08tVw8hhXEGqLYRzH/r3Z7ltc+oKjahTaGSx6s6SyNici2EZ0alyhlIVNW4CzFIMSM4NK6Fbl139EGxq+0UGnFgRKrvjRvnqeR5Jz6rJSBN96keCbuAb+BQG1QAEbdZFQq5eP+V5fPiJkr2IpxPabRGjJ4yGfWFnouXseZmVI8FUIepMNIyBzu7fhwEEydFtPNsLubM6Idw==
ocserv[10219]: *.*.*.*:33544 HTTP GET
/+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect
ocserv[10219]: *.*.*.*:33544 unexpected URL
/+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect
ocserv[10209]: *.*.*.*:33544 main-misc.c:468: command socket closed
ocserv[10220]: *.*.*.*:33545 accepted connection
ocserv[10220]: GnuTLS error (at worker-vpn.c:664): A TLS fatal alert has
been received.: CA is unknown
ocserv[10209]: *.*.*.*:33545 main-misc.c:468: command socket closed
ocserv[10221]: *.*.*.*:33546 accepted connection
ocserv[10210]: sec-mod received request from pid 10221 and uid 0
ocserv[10221]: *.*.*.*:33546 sending message 'resume data store request'
to main
ocserv[10209]: *.*.*.*:33546 main received message 'resume data store
request' of 258 bytes
ocserv[10209]: *.*.*.*:33546 TLS session DB storing
8057ebc3f63870544120810f0f1d1ec9a12c2779e39ea2907604616de1d7c4aa
ocserv[10221]: *.*.*.*:33546 TLS handshake completed
ocserv[10221]: *.*.*.*:33546 HTTP: Host: 142.4.201.188
ocserv[10221]: *.*.*.*:33546 HTTP: User-Agent: Cisco AnyConnect VPN
Agent for Android 3.0.09242
ocserv[10221]: *.*.*.*:33546 HTTP: Cookie:
webvpn=BOOmbLR8/PR3409+pc8fh6Ejm3obaoZe0SY/W1Z/1im68xNU9T2Mp4AnzzkC82sS0//klcWZBt3BI8o0Zz6rx2i1AVARTZlsBCbzwzCHeEz3V8KSEhRJbc/OiZWQ1tNFz6v9l9BgfNd08tVw8hhXEGqLYRzH/r3Z7ltc+oKjahTaGSx6s6SyNici2EZ0alyhlIVNW4CzFIMSM4NK6Fbl139EGxq+0UGnFgRKrvjRvnqeR5Jz6rJSBN96keCbuAb+BQG1QAEbdZFQq5eP+V5fPiJkr2IpxPabRGjJ4yGfWFnouXseZmVI8FUIepMNIyBzu7fhwEEydFtPNsLubM6Idw==
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Version: 1
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Hostname: localhost
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-MTU: 1405
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Address-Type: IPv6,IPv4
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-License: mobile
ocserv[10221]: *.*.*.*:33546 HTTP:
X-AnyConnect-Identifier-ClientVersion: 3.0.09242
ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-Platform:
android
ocserv[10221]: *.*.*.*:33546 HTTP:
X-AnyConnect-Identifier-PlatformVersion: 4.1.1
ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-DeviceType:
rockchip ORIGIN A7
ocserv[10221]: *.*.*.*:33546 HTTP:
X-AnyConnect-Identifier-Device-UniqueID:
8A1D1CF69D6123EDD781EB6D1F4CF112944018BE
ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-Master-Secret:
0391270607A758E1B52EEB67AEAA5A9A8B67B2C589726F95F6A0CDB4B1FD07153D622C0639E7F2A552E7AC9D44AA4D64
ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-CipherSuite:
AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA
ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-Accept-Encoding: lzs
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Accept-Encoding: lzs,deflate
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Protocol: Copyright (c) 2004
Cisco Systems, Inc.
ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-TCP-Keepalive: false
ocserv[10221]: *.*.*.*:33546 HTTP CONNECT /CSCOSSLC/tunnel
ocserv[10221]: *.*.*.*:33546 sending message 'auth cookie request' to
main
ocserv[10209]: *.*.*.*:33546 main received message 'auth cookie request'
of 261 bytes
ocserv[10209]: *.*.*.*:33546 accepting user 'cmd'
ocserv[10209]: *.*.*.*:33546 auth deinit for user 'cmd'
ocserv[10209]: *.*.*.*:33543 disconnecting 'cmd' due to new cookie
connection
ocserv[10209]: *.*.*.*:33546 No user configuration for 'cmd'
ocserv[10209]: *.*.*.*:33546 No group configuration for 'cmd'
ocserv[10209]: *.*.*.*:33546 assigned IPv4 to 'cmd': 10.10.10.87
ocserv[10209]: *.*.*.*:33546 assigning tun device vpns1
ocserv[10209]: *.*.*.*:33546 user 'cmd' of group 'cmd' re-authenticated
(using cookie)
ocserv[10209]: *.*.*.*:33546 sending (socket) message 2 to worker
ocserv[10221]: *.*.*.*:33546 received auth reply message (value: 1)
ocserv[10221]: *.*.*.*:33546 sending IPv4 10.10.10.87
ocserv[10221]: *.*.*.*:33546 adding route 0.0.0.0/0.0.0.0
ocserv[10221]: *.*.*.*:33546 peer CSTP MTU is 1405
ocserv[10221]: *.*.*.*:33546 TCP MSS is 1427
ocserv[10221]: *.*.*.*:33546 DTLS ciphersuite: AES128-SHA
ocserv[10221]: *.*.*.*:33546 suggesting DTLS MTU 1339
ocserv[10221]: *.*.*.*:33546 suggesting CSTP MTU 1339
ocserv[10221]: *.*.*.*:33546 plaintext MTU is 1404
ocserv[10221]: *.*.*.*:33546 sending message 'tun mtu change' to main
ocserv[10209]: *.*.*.*:33546 main received message 'tun mtu change' of 3
bytes
ocserv[10221]: *.*.*.*:33546 setting MTU to 1404
ocserv[10209]: *.*.*.*:33546 setting vpns1 MTU to 1404
ocserv[10221]: *.*.*.*:33546 sending message 'session info' to main
ocserv[10209]: *.*.*.*:33546 main received message 'session info' of 56
bytes
ocserv[10221]: *.*.*.*:33546 TCP MSS is 1427
ocserv[10221]: *.*.*.*:33546 reducing MTU due to TCP MSS to 1398
ocserv[10221]: *.*.*.*:33546 sending message 'tun mtu change' to main
ocserv[10209]: *.*.*.*:33546 main received message 'tun mtu change' of 3
bytes
ocserv[10209]: *.*.*.*:33546 setting vpns1 MTU to 1397
ocserv[10221]: *.*.*.*:33546 setting MTU to 1397
ocserv[10221]: *.*.*.*:33546 received 95 byte(s) (TLS)
ocserv[10221]: *.*.*.*:33546 received BYE packet; exiting
ocserv[10209]: *.*.*.*:33546 main-misc.c:468: command socket closed
ocserv[10209]: *.*.*.*:33543 main-misc.c:468: command socket closed
Alex
More information about the openconnect-devel
mailing list