The best way to handle Juniper SSL VPN with Openconnect

Benoit Martin bmartinp at gmail.com
Fri Jun 5 04:12:15 PDT 2015


I have to recompiled ?

On Fri, Jun 5, 2015 at 4:44 AM David Woodhouse <dwmw2 at infradead.org> wrote:
>
> On Thu, 2015-06-04 at 22:39 -0400, Benoit Martin wrote:
> >
> >
> > I just find openconnect --juniper https://xxx.xxx.xxx
> >
> > I sucessfully connect to our VPN. I use Fedora 22 and I want to know
> > what is the best way to use it.
> > The only option for the moment is in command line ?
> > Can i use NetworkManager-openconnect ??
> >
> > I already check the option i have with networkmanager and it's not
> > working with our setup.
> >
> > I only need user/pass to login to our vpn. No need for group name.
>
> For your setup it's almost a one-line hack to make NetworkManager
> -openconnect support Juniper. Just change the call to
> openconnect_set_protocol(vpninfo, "anyconnect") at about line 97 of
> OpenConnect's library.c to say "nc" instead of "anyconnect", and it'll
> default to Network Connect instead.
>
> Then I think NetworkManager-openconnect should Just Work, at least for
> your setup.
>
> I have been reluctant to push that as a short-term solution because it
> does only work for a very limited set of simple cases, including yours.
>
> Really, I want a way to push the full HTML pages out to a real HTML
> renderer. Which means a new callback in the libopenconnect API, that
> the GUI can provide (and hook up to webkit or whatever). And if it
> *isn't* provided, libopenconnect can continue with its existing hackish
> and incomplete parsing of the "known" HTML forms.
>
> --
> dwmw2



More information about the openconnect-devel mailing list