The best way to handle Juniper SSL VPN with Openconnect
David Woodhouse
dwmw2 at infradead.org
Fri Jun 5 01:44:18 PDT 2015
On Thu, 2015-06-04 at 22:39 -0400, Benoit Martin wrote:
>
>
> I just find openconnect --juniper https://xxx.xxx.xxx
>
> I sucessfully connect to our VPN. I use Fedora 22 and I want to know
> what is the best way to use it.
> The only option for the moment is in command line ?
> Can i use NetworkManager-openconnect ??
>
> I already check the option i have with networkmanager and it's not
> working with our setup.
>
> I only need user/pass to login to our vpn. No need for group name.
For your setup it's almost a one-line hack to make NetworkManager
-openconnect support Juniper. Just change the call to
openconnect_set_protocol(vpninfo, "anyconnect") at about line 97 of
OpenConnect's library.c to say "nc" instead of "anyconnect", and it'll
default to Network Connect instead.
Then I think NetworkManager-openconnect should Just Work, at least for
your setup.
I have been reluctant to push that as a short-term solution because it
does only work for a very limited set of simple cases, including yours.
Really, I want a way to push the full HTML pages out to a real HTML
renderer. Which means a new callback in the libopenconnect API, that
the GUI can provide (and hook up to webkit or whatever). And if it
*isn't* provided, libopenconnect can continue with its existing hackish
and incomplete parsing of the "known" HTML forms.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150605/0cbb3d8a/attachment.bin>
More information about the openconnect-devel
mailing list