Follow-up: OpenConnect connections unusably slow

Thomas Richter richter at
Mon Jun 17 03:09:51 EDT 2013

Dear OpenConnect developers,

this is again a followup on the usuably slow OpenConnect "connections" 
(I dare to say). As said, this is not a hardware problem as the problem 
persists if I move the harddisk to a completely different system.

To remind you, openconnect does (or did, see below) work on an older 
system, but it did not on a newer one.

What I did yesterday is that I installed the latest debian (Wheezy) on 
the old system and - voila - OpenConnect is "broken successfully". The 
same symptoms as on the newer system. I can only suspect that due to the 
more frequent use of the newer system, some security update was 
installed that also broke openconnect.

I did some research on this issue: What's used here in the computing 
center is Cisco hardware. I also found several indicators on your 
website that, apparently, something's wrong with Cisco's 
"interpretation" of DTLS. I *seem* to remember that in one of my earlier 
installation attempts, I had to patch the libssl to include some kind of 
fix or workaround for the Cisco quirk. Does this ring a bell for some of 
the developers here? Any other idea where to look?

BTW, as already stated, turning *off* DTLS fixes the issue, so it is 
definitely DTLS related.

Any ideas what can be done to fix this problem? As said, OpenConnect 
currently simply doesn't work for me. I would - as a last resort - at 
least need a "Disable DTLS" switch in the network manager, though a 
suitable workaround for the CISCO issue would be preferable.


More information about the openconnect-devel mailing list