AnyConnect MFA code entry does not work with latest OpenConnect
Daniel Lenski
dlenski at gmail.com
Mon May 22 13:33:40 PDT 2023
On Mon, May 22, 2023 at 9:40 AM David Gstir <david at sigma-star.at> wrote:
> I’m running into issue #489 [1] with the latest OpenConnect v9.12-3-ga4f1a345.
> Unfortunately none of the suggested solutions there work for me. I’ve also tried
> the --form-entry workaround from [2]. See the dump below.
>
> It does work fine though with the official Cisco AnyConnect Secure Mobility Client v4.10.05095 for Linux. :-/
>
> Do you have any idea or hint on how to work around that?
Nope. If none of the previously discovered workarounds are helping,
we're kind of out of ideas.
> me at host:~/openconnect/openconnect$ ./openconnect -vvv --dump --user MYUSERNAME --os=win --useragent 'Cisco AnyConnect VPN Agent for Windows 4.9.0195' XXXXXX
…
> Got HTTP response: HTTP/1.1 404 Not Found
It seems possible that this is actually issue #544 (~= "newer Cisco
servers require `--useragent=AnyConnect`, otherwise they get stuck in
the usually non-functional non-XMLPOST auth path").
See more details in
https://gitlab.com/openconnect/openconnect/-/issues/544#note_1222936179,
and let us know if that helps to address the problem.
Dan
More information about the openconnect-devel
mailing list