vpn connection hangs with openconnect version >v5.01 after a couple of seconds...
Kaloyan Dimitrov
kaloyan.dimitrov at aviaso.com
Thu Mar 13 03:45:48 EDT 2014
Hi there,
Thanks for your time. Please find bellow the respective logs:
ip route before:
default via 10.55.1.1 dev eth0 proto static
10.55.1.0/24 dev eth0 proto kernel scope link src 10.55.1.223 metric 1
ip route after:
default via 10.55.1.1 dev eth0 proto static
10.54.3.0/24 dev tun0 scope link
10.54.3.1 dev tun0 scope link
10.54.5.0/24 dev tun0 scope link
10.54.10.17 dev tun0 scope link
10.55.1.0/24 dev tun0 scope link
10.55.1.0/24 dev eth0 proto kernel scope link src 10.55.1.223 metric 1
xxx.xxx.xxx.xxx via 10.55.1.1 dev eth0 src 10.55.1.223
[root at kalski-work CP]# openconnect -v xxx.xxxxxx.xxx
POST https://xxx.xxxxxx.xxx/
Attempting to connect to server xxx.xxx.xxx.xxx:443
SSL negotiation with xxx.xxxxxx.xxx
Connected to HTTPS on xxx.xxxxxx.xxx
Got HTTP response: HTTP/1.0 302 Object Moved
Content-Type: text/html
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Thu, 13 Mar 2014 07:32:32 GMT
Location: /+webvpn+/index.html
Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
HTTP body length: (0)
GET https://xxx.xxxxxx.xxx/
Attempting to connect to server xxx.xxx.xxx.xxx:443
SSL negotiation with xxx.xxxxxx.xxx
Connected to HTTPS on xxx.xxxxxx.xxx
Got HTTP response: HTTP/1.0 302 Object Moved
Content-Type: text/html
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Thu, 13 Mar 2014 07:32:33 GMT
Location: /+webvpn+/index.html
Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
HTTP body length: (0)
GET https://xxx.xxxxxx.xxx/+webvpn+/index.html
SSL negotiation with xxx.xxxxxx.xxx
Connected to HTTPS on xxx.xxxxxx.xxx
Got HTTP response: HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/xml
Cache-Control: max-age=0
Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
Set-Cookie: webvpnlogin=1; secure
X-Transcend-Version: 1
HTTP body chunked (-2)
Please enter your username and password.
Username:xxx
Password:
POST https://xxx.xxxxxx.xxx/+webvpn+/index.html
Got HTTP response: HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/xml
Cache-Control: max-age=0
Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/;
secure
Set-Cookie: webvpn=<elided>; path=/; secure
Set-Cookie:
webvpnc=bu:/CACHE/stc/&p:t&iu:1/&sh:C5D90A44E405FF253F75E886D20E5D7549666553&lu:/+CSCOT+/translation-table?textdomain%3DAnyConnect%26type%3Dmanifest;
path=/; secure
X-Transcend-Version: 1
HTTP body chunked (-2)
TCP_INFO rcv mss 1380, snd mss 1380, adv mss 1460, pmtu 1500
Got CONNECT response: HTTP/1.1 200 OK
X-CSTP-Version: 1
X-CSTP-Address: 10.54.10.17
X-CSTP-Netmask: 255.255.255.255
X-CSTP-DNS: 10.54.3.1
X-CSTP-Lease-Duration: 1209600
X-CSTP-Session-Timeout: none
X-CSTP-Idle-Timeout: 10800
X-CSTP-Disconnected-Timeout: 10800
X-CSTP-Default-Domain: xxxx.xxx
X-CSTP-Split-Include: 10.55.1.0/255.255.255.0
X-CSTP-Split-Include: 10.54.3.0/255.255.255.0
X-CSTP-Split-Include: 10.54.5.0/255.255.255.0
X-CSTP-Keep: true
X-CSTP-Tunnel-All-DNS: false
X-CSTP-DPD: 15
X-CSTP-Keepalive: 20
X-CSTP-MSIE-Proxy-Lockdown: true
X-CSTP-Smartcard-Removal-Disconnect: true
X-CSTP-Content-Encoding: deflate
X-DTLS-Session-ID:
D71728E0D29B56A4BFC8C6769EBB987181A72358FFFD11D56EEB780DE2DA4487
X-DTLS-Port: 443
X-DTLS-Keepalive: 20
X-DTLS-DPD: 15
X-CSTP-MTU: 1367
X-DTLS-CipherSuite: AES256-SHA
X-CSTP-Routing-Filtering-Ignore: false
X-CSTP-TCP-Keepalive: true
CSTP connected. DPD 15, Keepalive 20
DTLS option X-DTLS-Session-ID :
D71728E0D29B56A4BFC8C6769EBB987181A72358FFFD11D56EEB780DE2DA4487
DTLS option X-DTLS-Port : 443
DTLS option X-DTLS-Keepalive : 20
DTLS option X-DTLS-DPD : 15
DTLS option X-DTLS-CipherSuite : AES256-SHA
DTLS initialised. DPD 15, Keepalive 20
Connected tun0 as 10.54.10.17, using SSL + deflate
No work to do; sleeping for 15000 ms...
No work to do; sleeping for 15000 ms...
Established DTLS connection (using GnuTLS)
No work to do; sleeping for 15000 ms...
Sent DTLS packet of 61 bytes; DTLS send returned 62
No work to do; sleeping for 10000 ms...
Received DTLS packet 0x00 of 78 bytes
No work to do; sleeping for 10000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 10000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 10000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 10000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 10000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 9000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 9000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 9000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 9000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 8000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 8000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 8000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 8000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 7000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 7000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 7000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 7000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 6000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 6000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 6000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 6000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 5000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 5000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 5000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 5000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 4000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 4000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 4000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 4000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 3000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 2000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 1000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 1000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 1000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 1000 ms...
Send CSTP DPD
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 7000 ms...
Got CSTP DPD response
No work to do; sleeping for 14000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 15000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 15000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 15000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 14000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 14000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 14000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 14000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 13000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 13000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 13000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 13000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 12000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 12000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 12000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 12000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 11000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 11000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 11000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 11000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 10000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 10000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 10000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 10000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 9000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 9000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 9000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 9000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 8000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 8000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 8000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 8000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 7000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 7000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 7000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 7000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 6000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 6000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 6000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 6000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 5000 ms...
Received DTLS packet 0x00 of 85 bytes
No work to do; sleeping for 5000 ms...
Sent DTLS packet of 70 bytes; DTLS send returned 71
No work to do; sleeping for 5000 ms...
Received DTLS packet 0x00 of 100 bytes
No work to do; sleeping for 5000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 4000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 1000 ms...
Send CSTP DPD
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 7000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 6000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 5000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 4000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 1000 ms...
Send CSTP DPD
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 1000 ms...
Send DTLS DPD
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 4000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 1000 ms...
Send CSTP DPD
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 3000 ms...
Sent DTLS packet of 84 bytes; DTLS send returned 85
No work to do; sleeping for 2000 ms...
CSTP Dead Peer Detection detected dead peer!
On 03/12/2014 07:49 PM, David Woodhouse wrote:
> On Wed, 2014-03-12 at 10:23 -0700, Kevin Cernekee wrote:
>> Could you please post the full log, running with the "-v" flag?
> And output of 'ip route' both before and after connecting.
>
--
Kaloyan Dimitrov
Software Developer
Aviaso Inc
Huobstrasse 10 CH-8808 Pfaeffikon Switzerland
Phone: +41 55 422 0000
kaloyan.dimitrov at aviaso.com www.aviaso.com
More information about the openconnect-devel
mailing list