unable to use RSA SecureID on Unbuntu 14.04 LTS 64 bit

Mark Kolmar mark at burningrome.com
Thu Jul 31 08:21:10 PDT 2014

On 7/29/2014 5:54 PM, Kevin Cernekee wrote:
> If you don't use "openconnect --token-mode" at all, can you log on by
> manually typing the appropriate password into each blank?

No. OpenConnect prompts for one password (not counting the one to access 
the token). The website login page only displays 2 input fields, 
username and password. This works on the old VPN where tokens are not used.

The websites do have a page that has input fields for username and 
one-time password. Whether I enter a possibly correct or definitely 
wrong one-time password makes no difference. On submit, it continues to 
the login page. There, prefix+tokencode and the AD password both fail.

The company thinks the website will not work on the new VPN. I am 
starting to get the impression that this Cisco VPN server with Cisco 
client communicate differently, that it may not be possible for 
OpenConnect to pass the required credentials in the expected way through 
HTTP over SSL.


More information about the openconnect-devel mailing list