Not properly disconnecting to server

David Woodhouse dwmw2 at
Tue Aug 15 11:40:04 PDT 2017

On Tue, 2017-08-15 at 11:34 -0700, Mike Miller wrote:
> On Tue, Aug 15, 2017 at 09:22:32 -0500, Liam Healy wrote:
> > 
> > I am running OpenConnect from Debian 9.1. After a connection, when
> > I
> > disconnect (by unchecking the "VPN Connections" box on
> > NetworkManager), it does not send the proper disconnect signal to
> > the
> > server; this was noticed by someone watching the logs on the server
> > side, who said that after I did this, the server thought the
> > connection was still open. This is causing problems because when I
> > reconnect, if I am assigned a different server by the load
> > balancer,
> > there are two connections open and performance is very bad.
> > 
> > Is there a known remedy to this problem, and if not, what should I
> > do
> > and post to help find a remedy?
> Yes, this is known [1] and has been fixed [2] on the NM OpenConnect
> development branch for the next release (1.2.6 I guess).
> [1]:
> [2]:
> ?id=a27fd1a5e9ad66ca1f45fda771c8e20d2292aee2

Although that's far from a complete solution, as it *only* covers the
case where you explicitly disconnect. If you lose connectivity on your
physical network and the VPN disconnects because of that, you have the
same problem.

We really ought to *store* the auth cookie in memory in
nm-openconnect-service (which should persist as long as the cookie is
valid, instead of exiting when idle as the parent class does). Then
subsequent connection attempts can use the *same* cookie to reconnect.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4938 bytes
Desc: not available
URL: <>

More information about the openconnect-devel mailing list