CISCO_SPLIT_INC_* not set correctly

Kevin Cernekee cernekee at gmail.com
Wed Apr 16 11:16:59 PDT 2014


On Wed, Apr 16, 2014 at 10:50 AM, Fabian Jäger
<fabian.jaeger at chungwasoft.com> wrote:
> Dear all,
> I have a user of Shimo (using openconnect internally) wo claims that CISCO_SPLIT_INC_* environment variables are not set correctly in 5.99 and that it was working with 5.02.
>
> Is there anything know related to such an issue? The corresponding thread in our forum can be found here: http://www.chungwasoft.com/support/community/discussion/936/openconnect-not-setting-routes-correctly#Item_3

>From the linked post:

> The values for INTERNAL_IP4_ADDRESS are also different when I connect using 3336 and 2587

> Also - there are X-CSTP-Split-Include variables set when connecting using 2587 that do not exist in 3336 as well

Can we conclude that the gateway is actually sending different
X-CSTP-* data in the headers?  So maybe a different authgroup is being
selected in 2587 versus 3336?

Perhaps the user wanted "BCSI-SV-Split" but is actually getting logged
into "BCSI-SV-FULL"?

Is it possible that sending the correct platform name "mac-intel" now
enables XML POST and this requires implementation of
OC_FORM_RESULT_NEWGROUP in the Shimo UI?

If possible it would be good to run the stock openconnect CLI with
--dump-http-traffic for both cases, and compare the results.



More information about the openconnect-devel mailing list