Problem with OpenConnect on Windows 8.1

Aleksandar Kanchev aleksandar.kanchev at gmail.com
Tue May 6 01:38:06 PDT 2014 

Hello,

I followed the instructions of David Woodhouse and built openconnect
5.99 for windows (tried 32 and 64 bit versions) inside my fedora vm:
http://lists.infradead.org/pipermail/openconnect-devel/2014-March/001728.html

I also installed the latest OpenVPN 2.3.4 (x86_64-w64-mingw32) and got
the TAP-Windows driver version 9.9 installed too. Connecting with
openconnect to my firm's cisco vpn server was easy, since the
authentication is based on login and password only. I modified the
vpnc-script-win.js to run only the following lines on "connect":
   run("netsh interface ip set interface \"" + env("TUNDEV") + "\" metric=1");
   run("netsh interface ip set address \"" + env("TUNDEV") + "\" static " +
          env("INTERNAL_IP4_ADDRESS") + " 255.255.255.255");
   if (!waitForInterface()) {
      echo("Interface does not seem to be up.");
   }
   run("route add 192.168.50.0 mask 255.255.255.0 " +
env("INTERNAL_IP4_ADDRESS"));

Everything seems quite straight forward and easy but I couldn't ping
the internal network 192.168.50.0 even though the route seems to be
added. I made sure to run openconnect as administrator and made sure
the tap interface was configured properly. If I connect with the cisco
anyconnect client it automatically sets the INTERNAL_IP4_ADDRESS + 2
as standard gateway and routes all my traffic through the vpn tunnel.
I also tried to setup a configuration like that but it didn't help
either.

The tap driver is installed properly since I'm also using OpenVPN on
the same windows 8.1 machine to connect to another vpn server. To
verify that openconnect is capable of connecting to my firm's cisco
vpn server I tried it under my fedora vm and it worked properly.

I'm out of ideas on what might be the cause for the tap driver/routing
not working. I also tried the openconnect --dump-http-traffic option
and noticed that pinging a host within the 192.168.50.0/24 network
wouldn't cause any extra traffic. Couldn't it be something wrong with
the interface between the tap driver and openconnect on windows 8.1?

Cheers

More information about the openconnect-devel mailing list