Setting tunnel IP address fails on German Windows 7

Martin Pauly pauly at hrz.uni-marburg.de
Tue Jun 16 09:27:25 PDT 2015 

Hello,

first, I just want ot thank dwmw2, nmav and others for this excellent work!
The Windows port from
https://github.com/openconnect/openconnect-gui/releases/download/v1.3/openconnect-installer.exe
works well on an English Windows 7 for me, but fails on German Windows 7. It should be
noted that, by accident, the former is a 64 bit system whereas the latter is on an old machine
with a 32 bit CPU.

The problem seems to occur when the client is to set the tunnel IP address on the local TAP/TUN
interface. The symptom is always that it, being a pseudo-ethernet NIC, remains on the initial
APIPA address once assigned by windows. The ASA (which I administer) sees a valid session, though.
Connection log is attached, but one thing really puzzles me:
I am pretty sure that in  my first attempts, there was at least one failing netsh call in the log.
Now, there is nothing like this, not even after a full reboot. The error message there read
"Element nicht gefunden" which is "Element not found". The error did not seem to be detected, though,
connection setup proceeded without the IP address ever being set to work. First, I suspected the
language-dependent interface identifiers, but with netsh you only get an "Element not found" when
at least the identifier exists (which is "LAN-Verbindung 3" in my case, corresponding to
"Local Area Connection 3".

TIA, Martin

-- 
   Dr. Martin Pauly     Phone:  +49-6421-28-23527
   HRZ Univ. Marburg    Fax:    +49-6421-28-26994
   Hans-Meerwein-Str.   E-Mail: pauly at HRZ.Uni-Marburg.DE
   D-35032 Marburg
-------------- next part --------------
POST https://vpn.uni-marburg.de/
Attempting to connect to server 137.248.1.225:443
Connected to 137.248.1.225:443
SSL negotiation with vpn.uni-marburg.de
Connected to HTTPS on vpn.uni-marburg.de
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Tue, 16 Jun 2015 16:02:37 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
XML POST enabled
Please enter your username and password.
Saving group: unimr-vpn-staff
POST https://vpn.uni-marburg.de/
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Tue, 16 Jun 2015 16:02:39 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
XML POST enabled
Please enter your username and password.
Select form: group_list
Text form: username
Password form: password
POST https://vpn.uni-marburg.de/
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Tue, 16 Jun 2015 16:02:45 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
Got CONNECT response: HTTP/1.1 200 OK
X-CSTP-Version: 1
X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.
X-CSTP-Address: 137.248.72.236
X-CSTP-Netmask: 255.255.255.0
X-CSTP-Hostname: cvrzrz01.HRZ.Uni-Marburg.DE
X-CSTP-DNS: 137.248.1.5
X-CSTP-DNS: 137.248.21.22
X-CSTP-NBNS: 192.168.16.26
X-CSTP-Lease-Duration: 1209600
X-CSTP-Session-Timeout: none
X-CSTP-Idle-Timeout: 1800
X-CSTP-Disconnected-Timeout: 1800
X-CSTP-Default-Domain: HRZ.Uni-Marburg.DE
X-CSTP-Split-Include: 2.16.0.0/255.248.0.0
X-CSTP-Split-Include: 5.178.40.0/255.255.255.0
X-CSTP-Split-Include: 8.21.115.34/255.255.255.255
X-CSTP-Split-Include: 12.130.28.0/255.255.255.0
X-CSTP-Split-Include: 23.0.0.0/255.0.0.0
X-CSTP-Split-Include: 37.16.66.0/255.255.255.248
X-CSTP-Split-Include: 38.69.47.0/255.255.255.0
X-CSTP-Split-Include: 46.232.136.136/255.255.255.255
X-CSTP-Split-Include: 52.28.0.0/255.255.128.0
X-CSTP-Split-Include: 54.0.0.0/255.0.0.0
X-CSTP-Split-Include: 62.0.51.17/255.255.255.255
X-CSTP-Split-Include: 62.50.0.0/255.255.0.0
X-CSTP-Split-Include: 62.93.195.148/255.255.255.255
X-CSTP-Split-Include: 62.154.0.0/255.255.0.0
X-CSTP-Split-Include: 62.156.238.0/255.255.255.0
X-CSTP-Split-Include: 62.177.192.248/255.255.255.252
X-CSTP-Split-Include: 63.80.4.0/255.255.255.0
X-CSTP-Split-Include: 63.118.7.200/255.255.255.248
X-CSTP-Split-Include: 63.128.0.0/255.128.0.0
X-CSTP-Split-Include: 64.14.189.0/255.255.255.0
X-CSTP-Split-Include: 64.95.130.37/255.255.255.255
X-CSTP-Split-Include: 64.192.0.0/255.192.0.0
X-CSTP-Split-Include: 65.156.1.0/255.255.255.0
X-CSTP-Split-Include: 66.39.42.173/255.255.255.255
X-CSTP-Split-Include: 66.151.111.65/255.255.255.255
X-CSTP-Split-Include: 66.251.72.133/255.255.255.255
X-CSTP-Split-Include: 69.32.0.0/255.255.0.0
X-CSTP-Split-Include: 69.63.128.0/255.255.224.0
X-CSTP-Split-Include: 72.3.155.0/255.255.255.0
X-CSTP-Split-Include: 72.5.9.192/255.255.255.192
X-CSTP-Split-Include: 72.172.91.0/255.255.255.0
X-CSTP-Split-Include: 72.247.103.145/255.255.255.255
X-CSTP-Split-Include: 77.67.98.0/255.255.255.0
X-CSTP-Split-Include: 77.72.149.0/255.255.255.0
X-CSTP-Split-Include: 77.91.232.0/255.255.248.0
X-CSTP-Split-Include: 77.109.171.0/255.255.255.0
X-CSTP-Split-Include: 78.35.0.71/255.255.255.255
X-CSTP-Split-Include: 79.136.80.0/255.255.255.0
X-CSTP-Split-Include: 80.15.238.0/255.255.255.128
X-CSTP-Split-Include: 80.88.17.44/255.255.255.255
X-CSTP-Split-Include: 80.152.7.80/255.255.255.240
X-CSTP-Split-Include: 80.156.86.78/255.255.255.255
X-CSTP-Split-Include: 80.157.150.0/255.255.255.0
X-CSTP-Split-Include: 80.237.192.0/255.255.192.0
X-CSTP-Split-Include: 80.239.224.0/255.255.224.0
X-CSTP-Split-Include: 81.20.72.128/255.255.255.128
X-CSTP-Split-Include: 81.252.100.64/255.255.255.240
X-CSTP-Split-Include: 82.103.132.170/255.255.255.255
X-CSTP-Split-Include: 82.109.207.0/255.255.255.240
X-CSTP-Split-Include: 82.150.20.0/255.255.252.0
X-CSTP-Split-Include: 82.165.121.253/255.255.255.255
X-CSTP-Split-Include: 82.165.194.57/255.255.255.255
X-CSTP-Split-Include: 82.197.80.64/255.255.255.224
X-CSTP-Split-Include: 82.212.221.62/255.255.255.255
X-CSTP-Split-Include: 83.223.95.45/255.255.255.255
X-CSTP-Split-Include: 83.231.175.28/255.255.255.255
X-CSTP-Split-Include: 84.18.160.0/255.255.224.0
X-CSTP-Split-Include: 84.22.181.34/255.255.255.255
X-CSTP-Split-Include: 84.53.138.0/255.255.255.0
X-CSTP-Split-Include: 84.201.73.27/255.255.255.255
X-CSTP-Split-Include: 85.21.138.99/255.255.255.255
X-CSTP-Split-Include: 85.183.0.0/255.255.0.0
X-CSTP-Split-Include: 87.106.60.14/255.255.255.255
X-CSTP-Split-Include: 87.249.112.195/255.255.255.255
X-CSTP-Split-Include: 88.198.1.4/255.255.255.255
X-CSTP-Split-Include: 88.221.0.0/255.255.0.0
X-CSTP-Split-Include: 91.199.146.51/255.255.255.255
X-CSTP-Split-Include: 91.203.202.198/255.255.255.255
X-CSTP-Split-Include: 91.208.107.0/255.255.255.0
X-CSTP-Split-Include: 91.216.243.0/255.255.255.0
X-CSTP-Split-Include: 91.240.2.0/255.255.254.0
X-CSTP-Split-Include: 92.51.150.136/255.255.255.255
X-CSTP-Split-Include: 92.122.0.0/255.254.0.0
X-CSTP-Split-Include: 92.198.27.96/255.255.255.224
X-CSTP-Split-Include: 93.91.16.0/255.255.240.0
X-CSTP-Split-Include: 95.100.0.0/255.254.0.0
X-CSTP-Split-Include: 95.138.157.112/255.255.255.240
X-CSTP-Split-Include: 128.59.48.24/255.255.255.255
X-CSTP-Split-Include: 128.84.131.12/255.255.255.255
X-CSTP-Split-Include: 128.135.0.0/255.255.0.0
X-CSTP-Split-Include: 128.200.0.0/255.255.0.0
X-CSTP-Split-Include: 128.220.0.0/255.255.0.0
X-CSTP-Split-Include: 128.232.0.0/255.255.0.0
X-CSTP-Split-Include: 129.41.0.0/255.255.0.0
X-CSTP-Split-Include: 129.69.17.192/255.255.255.252
X-CSTP-Split-Include: 129.143.8.96/255.255.255.224
X-CSTP-Split-Include: 129.143.67.16/255.255.255.240
X-CSTP-Split-Include: 130.0.0.0/255.0.0.0
X-CSTP-Split-Include: 132.199.0.0/255.255.0.0
X-CSTP-Split-Include: 134.76.0.0/255.255.0.0
X-CSTP-Split-Include: 134.102.228.29/255.255.255.255
X-CSTP-Split-Include: 134.147.0.0/255.255.0.0
X-CSTP-Split-Include: 134.176.0.0/255.255.0.0
X-CSTP-Split-Include: 134.243.5.42/255.255.255.255
X-CSTP-Split-Include: 135.196.210.0/255.255.255.0
X-CSTP-Split-Include: 137.248.0.0/255.255.0.0
X-CSTP-Split-Include: 138.12.4.0/255.255.255.0
X-CSTP-Split-Include: 140.234.0.0/255.255.0.0
X-CSTP-Split-Include: 141.0.0.0/255.128.0.0
X-CSTP-Split-Include: 148.251.236.49/255.255.255.255
X-CSTP-Split-Include: 145.253.128.0/255.255.128.0
X-CSTP-Split-Include: 151.249.64.0/255.255.224.0
X-CSTP-Split-Include: 160.74.48.101/255.255.255.255
X-CSTP-Split-Include: 160.109.0.0/255.255.0.0
X-CSTP-Split-Include: 163.1.185.13/255.255.255.255
X-CSTP-Split-Include: 165.215.0.0/255.255.0.0
X-CSTP-Split-Include: 167.68.0.0/255.255.0.0
X-CSTP-Split-Include: 167.216.128.0/255.255.128.0
X-CSTP-Split-Include: 168.143.179.0/255.255.255.0
X-CSTP-Split-Include: 170.107.0.0/255.255.0.0
X-CSTP-Split-Include: 170.224.106.0/255.255.255.0
X-CSTP-Split-Include: 171.64.0.0/255.252.0.0
X-CSTP-Split-Include: 172.224.0.0/255.240.0.0
X-CSTP-Split-Include: 173.225.61.231/255.255.255.255
X-CSTP-Split-Include: 173.254.190.144/255.255.255.240
X-CSTP-Split-Include: 174.120.120.151/255.255.255.255
X-CSTP-Split-Include: 176.34.247.242/255.255.255.255
X-CSTP-Split-Include: 176.221.45.3/255.255.255.255
X-CSTP-Split-Include: 184.0.0.0/255.0.0.0
X-CSTP-Split-Include: 185.31.16.0/255.255.252.0
X-CSTP-Split-Include: 188.92.0.0/255.252.0.0
X-CSTP-Split-Include: 188.210.44.206/255.255.255.255
X-CSTP-Split-Include: 192.41.161.0/255.255.255.0
X-CSTP-Split-Include: 192.84.75.64/255.255.255.192
X-CSTP-Split-Include: 192.84.80.0/255.255.255.0
X-CSTP-Split-Include: 192.168.1.0/255.255.255.0
X-CSTP-Split-Include: 192.168.3.0/255.255.255.0
X-CSTP-Split-Include: 192.168.4.0/255.255.252.0
X-CSTP-Split-Include: 192.168.8.0/255.255.248.0
X-CSTP-Split-Include: 192.168.16.0/255.255.240.0
X-CSTP-Split-Include: 192.168.32.0/255.255.224.0
X-CSTP-Split-Include: 192.168.64.0/255.255.192.0
X-CSTP-Split-Include: 192.168.128.0/255.255.128.0
X-CSTP-Split-Include: 192.195.245.0/255.255.255.0
X-CSTP-Split-Include: 192.231.246.0/255.255.255.0
X-CSTP-Split-Include: 193.39.212.0/255.255.255.0
X-CSTP-Split-Include: 193.75.142.0/255.255.255.0
X-CSTP-Split-Include: 193.174.240.0/255.255.255.0
X-CSTP-Split-Include: 193.175.82.68/255.255.255.255
X-CSTP-Split-Include: 193.175.192.0/255.255.192.0
X-CSTP-Split-Include: 193.194.158.0/255.255.255.0
X-CSTP-Split-Include: 193.254.176.0/255.255.248.0
X-CSTP-Split-Include: 194.66.20.0/255.255.252.0
X-CSTP-Split-Include: 194.94.132.0/255.255.255.0
X-CSTP-Split-Include: 194.95.0.0/255.255.0.0
X-CSTP-Split-Include: 194.105.70.3/255.255.255.255
X-CSTP-Split-Include: 194.175.173.0/255.255.255.0
X-CSTP-Split-Include: 194.209.48.0/255.255.255.0
X-CSTP-Split-Include: 194.231.61.67/255.255.255.255
X-CSTP-Split-Include: 195.27.183.0/255.255.255.0
X-CSTP-Split-Include: 195.33.169.32/255.255.255.224
X-CSTP-Split-Include: 195.39.222.0/255.255.254.0
X-CSTP-Split-Include: 195.74.94.0/255.255.255.0
X-CSTP-Split-Include: 195.92.228.61/255.255.255.255
X-CSTP-Split-Include: 195.144.0.0/255.254.0.0
X-CSTP-Split-Include: 195.157.37.0/255.255.255.0
X-CSTP-Split-Include: 195.226.116.128/255.255.255.192
X-CSTP-Split-Include: 198.81.200.0/255.255.255.0
X-CSTP-Split-Include: 198.108.24.38/255.255.255.255
X-CSTP-Split-Include: 198.185.19.57/255.255.255.255
X-CSTP-Split-Include: 199.1.202.0/255.255.255.0
X-CSTP-Split-Include: 199.27.75.184/255.255.255.255
X-CSTP-Split-Include: 199.107.238.192/255.255.255.224
X-CSTP-Split-Include: 199.168.12.0/255.255.252.0
X-CSTP-Split-Include: 199.171.202.0/255.255.255.0
X-CSTP-Split-Include: 199.222.69.0/255.255.255.0
X-CSTP-Split-Include: 199.240.0.0/255.240.0.0
X-CSTP-Split-Include: 204.14.132.128/255.255.255.192
X-CSTP-Split-Include: 204.153.51.42/255.255.255.255
X-CSTP-Split-Include: 204.180.229.135/255.255.255.255
X-CSTP-Split-Include: 205.178.189.131/255.255.255.255
X-CSTP-Split-Include: 206.0.0.0/255.0.0.0
X-CSTP-Split-Include: 207.34.140.250/255.255.255.255
X-CSTP-Split-Include: 208.4.68.30/255.255.255.255
X-CSTP-Split-Include: 208.76.204.0/255.255.252.0
X-CSTP-Split-Include: 208.77.250.0/255.255.255.0
X-CSTP-Split-Include: 208.185.238.0/255.255.255.0
X-CSTP-Split-Include: 208.215.178.0/255.255.254.0
X-CSTP-Split-Include: 209.18.110.0/255.255.255.0
X-CSTP-Split-Include: 209.213.117.84/255.255.255.255
X-CSTP-Split-Include: 212.104.212.98/255.255.255.254
X-CSTP-Split-Include: 212.113.83.0/255.255.255.0
X-CSTP-Split-Include: 212.162.1.192/255.255.255.192
X-CSTP-Split-Include: 212.201.100.0/255.255.255.0
X-CSTP-Split-Include: 212.203.117.0/255.255.255.0
X-CSTP-Split-Include: 212.250.180.0/255.255.255.128
X-CSTP-Split-Include: 213.56.90.4/255.255.255.255
X-CSTP-Split-Include: 213.155.64.139/255.255.255.255
X-CSTP-Split-Include: 213.179.138.96/255.255.255.224
X-CSTP-Split-Include: 213.198.96.0/255.255.255.0
X-CSTP-Split-Include: 213.212.0.0/255.252.0.0
X-CSTP-Split-Include: 213.216.6.131/255.255.255.255
X-CSTP-Split-Include: 213.252.28.129/255.255.255.255
X-CSTP-Split-Include: 213.252.144.0/255.255.255.0
X-CSTP-Split-Include: 216.27.103.161/255.255.255.255
X-CSTP-Split-Include: 216.37.74.69/255.255.255.255
X-CSTP-Split-Include: 216.128.0.0/255.128.0.0
X-CSTP-Split-Include: 216.250.253.82/255.255.255.255
X-CSTP-Split-Include: 217.0.0.0/255.0.0.0
X-CSTP-Keep: true
X-CSTP-Tunnel-All-DNS: false
X-CSTP-DPD: 30
X-CSTP-Keepalive: 20
X-CSTP-Banner: Willkommen%20beim%20VPN-Zugang%20fuer%20Professoren%20und%20Mitarbeiter%20der%20Philipps-Universitaet%20Marburg.%0ABei%20Problemen%3A%20http%3A%2F%2Fwww.uni-marburg.de%2Fhrz%2Finternet%2Fvpn%0AAb%20Di%2C%2005.05.2015%3A%20Automatisches%20Update%20auf%20Anyconnect%20Version%203.1.08009%20fuer%20Windows-Clients%0A%0AWelcome%20to%20the%20VPN%20Service%20for%20staff%20of%20the%20Philipps%20University%20Marburg.%0AIn%20case%20of%20problems%20please%20refer%20to%20http%3A%2F%2Fwww.uni-marburg.de%2
X-CSTP-MSIE-Proxy-Lockdown: true
X-CSTP-Smartcard-Removal-Disconnect: true
X-DTLS-Session-ID: 5005D9680D46D6AF94CA5BAD36A8C71B1EFFD2C92312351C63A781276C3340E2
X-DTLS-Port: 443
X-DTLS-Keepalive: 20
X-DTLS-DPD: 30
X-CSTP-MTU: 1342
X-DTLS-CipherSuite: AES128-SHA
X-CSTP-Routing-Filtering-Ignore: false
X-CSTP-Quarantine: false
X-CSTP-Disable-Always-On-VPN: false
X-CSTP-Client-Bypass-Protocol: false
X-CSTP-TCP-Keepalive: true
X-CSTP-Post-Auth-XML: <elided>
CSTP connected. DPD 30, Keepalive 20
CSTP Ciphersuite: (TLS1.0)-(DHE-RSA-1024)-(AES-128-CBC)-(SHA1)
Opened tun device LAN-Verbindung 3
TAP-Windows driver v9.21 (0)
Failed to spawn script 'vpnc-script.js' for connect: Der angegebene Ressourcentyp wurde nicht in der Image-Datei gefunden.
DTLS option X-DTLS-Session-ID : 5005D9680D46D6AF94CA5BAD36A8C71B1EFFD2C92312351C63A781276C3340E2
DTLS option X-DTLS-Port : 443
DTLS option X-DTLS-Keepalive : 20
DTLS option X-DTLS-DPD : 30
DTLS option X-DTLS-CipherSuite : AES128-SHA
DTLS initialised. DPD 30, Keepalive 20
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-128-CBC)-(SHA1).
Send CSTP DPD
Got CSTP DPD response

More information about the openconnect-devel mailing list