Juniper SSL VPN support
David Woodhouse
dwmw2 at infradead.org
Thu Mar 26 16:57:39 PDT 2015
On Thu, 2015-03-26 at 23:08 +0000, Olda Bartunek wrote:
> David Woodhouse <dwmw2 <at> infradead.org> writes:
>
> >
> > Hm. And with --no-dtls it works OK, I presume?
> >
> > This is verify_packet_seqno() in esp.c. Can you make it print the
> > values of esp->seq_backlog and esp->seq so we can see what's
> > happening?
> >
> > And try just making it return zero :)
>
> With --no-dtls this message about discarding disappear but still nothing
> pass the tunnel (while on linux everything works ok even without --no-dtls)
With -v -v do you see traffic in either direction? Is vpnc-script-win
actually doing the right thing?
> Is there a way how to get debug output or I need to touch esp.c?
I ripped out all that debugging when I declared the sequence number
checking to be working. You'll have to add it back.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150326/1c6b5e52/attachment-0001.bin>
More information about the openconnect-devel
mailing list