IPv6 in AnyConnect for iOS

sskaje sskaje at gmail.com
Sun Dec 28 07:46:15 PST 2014 

Weird, I made these changes, headers are sent correctly like

ocserv[24892]: worker[sskaje]: 61.149.12.68:58680 sending IPv6
2400:8900:e000:xxxx:xxxx:2f:f9e5:c701/64
ocserv[24892]: worker[sskaje]: 61.149.12.68:58680 =============
X-CSTP-Address: 2400:8900:e000:xxxx:xxxx:2f:f9e5:c701/64


but this time, in AnyConnect debug log,
v6 2400:8900:e000:xxxx:xxxx:2f:f9e5:c701/64/null (fake ? no)

why always null...

and previous lines,
client ipv6 address: ip above
client ipv6 mask: unknown

maybe there is another format ?
like another x-cstp-address + x-cstp-netmask ?


sskaje at gmail.com
https://sskaje.me/


On Sun, Dec 28, 2014 at 11:39 PM, sskaje <sskaje at gmail.com> wrote:
> in ip-lease.c
>
> static
> int get_ipv6_lease(main_server_st* s, struct proc_st* proc)
> {
> ...
>     if (proc->config.ipv6_network && proc->config.ipv6_prefix) {
>         c_network = proc->config.ipv6_network;
>         c_netmask = ipv6_prefix_to_mask(proc, proc->config.ipv6_prefix);
>     } else {
>         c_network = s->config->network.ipv6;
>     //  c_netmask = ipv6_prefix_to_mask(proc, proc->config.ipv6_prefix);
>         c_netmask = ipv6_prefix_to_mask(proc, s->config->network.ipv6_prefix);
>     }
>
>
> int get_ip_leases(main_server_st *s, struct proc_st *proc)
> {
> ...
>     //  if (proc->ipv6 && proc->ipv4->db) {
>         if (proc->ipv6 && proc->ipv6->db) {
>
>
>
> sskaje at gmail.com
> https://sskaje.me/
>
>
> On Sun, Dec 28, 2014 at 10:11 PM, sskaje <sskaje at gmail.com> wrote:
>> I'm trying to find out what's changed between 0.8.9 and 0.9.0, this
>> time ws->config->ipv6_network is null, and ws->vinfo.ipv6 also null.
>>
>>
>>
>> sskaje at gmail.com
>> https://sskaje.me/
>>
>>
>> On Sun, Dec 28, 2014 at 3:52 PM, Nikos Mavrogiannopoulos
>> <nmav at gnutls.org> wrote:
>>> On Sun, 2014-12-28 at 12:00 +0800, sskaje wrote:
>>>> I tried:
>>>>
>>>>         if (strncasecmp(req->user_agent, "Open Any", 8) == 0) {
>>>>             if (strncmp(req->user_agent, "Open AnyConnect VPN Agent
>>>> v3", 28) == 0)
>>>>                 req->user_agent_type = AGENT_OPENCONNECT_V3;
>>>>             else
>>>>                 req->user_agent_type = AGENT_OPENCONNECT;
>>>>         } else if (strncasecmp(req->user_agent, "Cisco Any", 8) == 0) {
>>>>             req->user_agent_type = AGENT_OPENCONNECT;
>>>>         }
>>>>
>>>>
>>>> IPv6 address is recognized by AnyConnect for iOS, but with a 'null'
>>>> cidr. I tried the changes I made in worker-auth.c, same.
>>>
>>> Based on David's comment, I've modified worker-vpn.c in master to send
>>> IPv6 addresses together with prefix in both anyconnect and openconnect.
>>> Could you try it?
>>>
>>> regards,
>>> Nikos
>>>
>>>

More information about the openconnect-devel mailing list