Available for support for F5 + MFA
Antonio Petrelli
antonio.petrelli at gmail.com
Wed Aug 4 09:44:07 PDT 2021
Il giorno mer 4 ago 2021 alle ore 18:08 Daniel Lenski
<dlenski at gmail.com> ha scritto:
>
> Since you've already arrived at the "webtop" interface, you've already
> completed the login process and you already have the credential (the
> cookie named 'MRHSession') which OpenConnect requires to be able to
> actually configure and connect to the VPN tunnel.
>
> I believe you should be able to simply capture the value of
> <MRHSession-Cookie> (using the browser dev tools), and then run
> OpenConnect as follows:
>
> openconnect --dump -vvvv --prot=f5 \
> --cookie "MRHSession=<MRHSession-Cookie>" \
> <corporate-vpn-host-name>
>
> (Important: do NOT close the browser window before running this
> command; that may cause it to logoff the session and invalidate the
> cookie)
>
> I'll wager 70% odds that this Just Works. If that doesn't work, then I
> guess we'll have to figure out what the "token" and
> "access-session-token" values mean, and how they get used by the f5vpn
> binary.
OK thanks, the part that I missed is how to send this cookie.
About testing I have a few questions because the site is confusing to me:
1. Are there any nightly pre-built binaries of the source code?
2. If not, what is the repository, the one at infradead.org or the one
at GitLab?
3. What branch should I use, master?
In the meantime I am cloning the GitLab repository at master, since it
seems the most updated, but correct me if I am wrong!
I will let you know about the tests, thanks again!
Antonio
More information about the openconnect-devel
mailing list