ocserv 0.10.3
jacky he
jacky.he at gmail.com
Wed May 6 03:32:58 PDT 2015
On 0.10.4:
1) I connect to vpn by using WiFi
2) I switch to cellular network, successfully roaming and reconnect
3) I switch again to WiFi network, but can't reconnect.
here is ocserv log:
ocserv[442]: worker: client certificate verification succeeded
ocserv[382]: sec-mod: using 'certificate' authentication to
authenticate user (session: eflZJ)
ocserv[443]: worker: tlslib.c:378: no certificate was found
ocserv[378]: main: WiFi Network IP:62504 user disconnected
ocserv[444]: worker: tlslib.c:378: no certificate was found
ocserv[382]: sec-mod: initiating session for user 'vpnuser' (session: eflZJ)
ocserv[378]: main[vpnuser]: WiFi Network IP:62505 new user session
ocserv[378]: main[vpnuser]: WiFi Network IP:62505 user logged in
ocserv[378]: main: WiFi Network IP:62503 user disconnected
ocserv[461]: worker: tlslib.c:378: no certificate was found
ocserv[382]: sec-mod: initiating session for user 'vpnuser' (session: eflZJ)
ocserv[378]: main[vpnuser]: Cellular Network IP:9120 re-using session
ocserv[378]: main[vpnuser]: Cellular Network IP:9120 user logged in
ocserv[378]: main[vpnuser]: WiFi Network IP:62505 user disconnected
ocserv[382]: sec-mod: temporarily closing session for vpnuser (session: eflZJ)
ocserv[382]: sec-mod: invalidating session of user 'vpnuser' (session: eflZJ)
ocserv[378]: main[vpnuser]: Cellular Network IP:9120 user disconnected
ocserv[382]: sec-mod: temporarily closing session for vpnuser (session: eflZJ)
ocserv[498]: GnuTLS error (at worker-vpn.c:448): The TLS connection
was non-properly terminated.
ocserv[378]: main: WiFi Network IP:62515 user disconnected
ocserv[499]: worker: tlslib.c:378: no certificate was found
ocserv[382]: sec-mod: session open received in unauthenticated client
vpnuser (session: eflZJ)!
ocserv[378]: main[vpnuser]: WiFi Network IP:62516 could not initiate
session for 'vpnuser'
ocserv[378]: main[vpnuser]: WiFi Network IP:62516 could not open session
ocserv[378]: main[vpnuser]: WiFi Network IP:62516 failed
authentication attempt for user 'vpnuser'
ocserv[378]: main[vpnuser]: WiFi Network IP:62516 user logged in
ocserv[499]: worker: WiFi Network IP error receiving cookie authentication reply
ocserv[499]: worker: WiFi Network IP failed cookie authentication attempt
ocserv[378]: main[vpnuser]: WiFi Network IP:62516 user disconnected
--
Regards
Jacky
2015-05-06 15:36 GMT+08:00 Nikos Mavrogiannopoulos <nmav at gnutls.org>:
> On Mon, May 4, 2015 at 6:42 PM, jacky he <jacky.he at gmail.com> wrote:
>> Hi Nikos,
>> From 0.10.3, I find AnyConnect Client on iOS refuse to reconnnect to
>> server when roaming
>> from cellular network (3G/4G) to WiFi, but it's ok when roaming from
>> WiFi to 3G/4G.
>> I have tested 0.10.2 and 0.9.2, both work fine, I think maybe due to
>> this change from v0.10.3:
>> - Invalidate cookies when the user terminates the session explicitly.
>>
>> PS: I use pure certificate authentication, here is some ocserv log:
>>
>> ocserv[27196]: sec-mod: temporarily closing session for vpnuser (session: AI8xQ)
>> ocserv[27196]: sec-mod: invalidating session user 'vpnuser' (session: AI8xQ)
>> ocserv[27192]: main[vpnuser]: IP.IP.IP.IP:42703 user disconnected
>
> Could you quote the lines before these three in the log?
More information about the openconnect-devel
mailing list