AnyConnect MFA code entry does not work with latest OpenConnect
David Gstir
david at sigma-star.at
Tue May 23 00:29:34 PDT 2023
Hi Dan,
> On 22.05.2023, at 22:33, Daniel Lenski <dlenski at gmail.com> wrote:
>
> On Mon, May 22, 2023 at 9:40 AM David Gstir <david at sigma-star.at> wrote:
>> I’m running into issue #489 [1] with the latest OpenConnect v9.12-3-ga4f1a345.
>> Unfortunately none of the suggested solutions there work for me. I’ve also tried
>> the --form-entry workaround from [2]. See the dump below.
>>
>> It does work fine though with the official Cisco AnyConnect Secure Mobility Client v4.10.05095 for Linux. :-/
>>
>> Do you have any idea or hint on how to work around that?
>
> Nope. If none of the previously discovered workarounds are helping,
> we're kind of out of ideas.
>
>> me at host:~/openconnect/openconnect$ ./openconnect -vvv --dump --user MYUSERNAME --os=win --useragent 'Cisco AnyConnect VPN Agent for Windows 4.9.0195' XXXXXX
> …
>> Got HTTP response: HTTP/1.1 404 Not Found
>
> It seems possible that this is actually issue #544 (~= "newer Cisco
> servers require `--useragent=AnyConnect`, otherwise they get stuck in
> the usually non-functional non-XMLPOST auth path").
>
> See more details in
> https://gitlab.com/openconnect/openconnect/-/issues/544#note_1222936179,
> and let us know if that helps to address the problem.
that did the trick! Somehow I missed that issue when looking for a solution…
Thanks!
- David
More information about the openconnect-devel
mailing list