openconnect with safenet token

David Woodhouse dwmw2 at infradead.org
Tue Aug 12 16:12:57 PDT 2014


On Wed, 2014-07-09 at 11:49 -0700, Kevin Cernekee wrote:
> On Wed, Jul 9, 2014 at 11:38 AM, DeadManMoving <sequel at neofreak.org> wrote:
> > Under windows, when using cisco anyconnect and the above software from
> > safenet, when i connect to the VPN, anyconnect is prompting me for my
> > username and the passcode (PIN+token) so, i generate a token with the
> > safenet software then i enter my PIN+token given to me by the software.
> 
> Currently the TOTP/HOTP code tries to fill in the secondary_password
> field on the auth form.  Maybe this is not the right behavior for the
> server you're using?  Can you post the server name and/or
> --dump-http-traffic logs?

Did you sort this out?

I have HOTP tokens from a file working correctly now. You put the token
in the file in the same form we want it on the command line
("secret,counter"), and it'll update that file.

It also works with NetworkManager-openconnect, updating the secret in
the NM secret storage each time a token is generated.

I've almost got PSKC support too, except for a libpskc bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1129491

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20140813/4f701de8/attachment.bin>


More information about the openconnect-devel mailing list