Juniper Pulse doesn't connect properly

Pavel Kogan pkogan at gmail.com
Fri Dec 11 08:53:12 PST 2015


Hi,

I'm having trouble connecting to a Junos Pulse VPN with the latest
released version (7.06). I'm mostly following this guide -
https://github.com/dnschneid/crouton/wiki/Juniper-Junos-Pulse-VPN-with-OpenConnect
- but I had to make a small change to the the `juniper-vpn.py` script
to make it work:
https://github.com/pavelkogan/juniper-vpn-py/commit/91d10882277bacc3a3b921b60973d22b17303cd3

It appears to connect briefly, then terminates the connection:

```
$ sudo ./juniper-vpn.py --host pulse.example.com --user pavel.kogan
--stdin DSID=%DSID% openconnect --juniper %HOST% --cookie-on-stdin
--interface=tun0
Password:
WARNING: Juniper Network Connect support is experimental.
It will probably be superseded by Junos Pulse support.
Attempting to connect to server 19X.XXX.XXX.XXX:443
SSL negotiation with pulse.example.com
Connected to HTTPS on pulse.example.com
SSL negotiation with pulse.example.com
Connected to HTTPS on pulse.example.com
Connected tun0 as 10.XXX.XXX.XXX, using SSL
ESP session established with server
Server terminated connection (session expired)
Unknown error; exiting.
WARNING: Juniper Network Connect support is experimental.
It will probably be superseded by Junos Pulse support.
Attempting to connect to server 19X.XXX.XXX.XXX:443
SSL negotiation with pulse.example.com
Connected to HTTPS on pulse.example.com
Got HTTP response: HTTP/1.1 302 Found
Unexpected 302 result from server
Creating SSL connection failed
Waiting 10...
```
The error then repeats until I Ctrl-C.

The error at the end with `--dump-http-traffic`:
```
Server terminated connection (session expired)
Unknown error; exiting.
WARNING: Juniper Network Connect support is experimental.
It will probably be superseded by Junos Pulse support.
Attempting to connect to server 19X.XXX.XXX.XXX:443
SSL negotiation with pulse.example.com
Connected to HTTPS on pulse.example.com
Got HTTP response: HTTP/1.1 302 Found
Location: https://pulse.example.com/dana-na/auth/welcome.cgi?p=forced-off
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 0
HTTP body length:  (0)
Unexpected 302 result from server
Creating SSL connection failed
Waiting 10...
```

Any ideas about what the problem is, or how it might be fixed?

Thanks,
Pavel



More information about the openconnect-devel mailing list