CSD use and impossible to connect (Linux)

Fromzy fromzy at gmail.com
Fri Jan 2 15:24:40 PST 2015 

Hi all,

Happy new year to all and thanks for your great job :)

I'm trying to connect to my company VPN that uses CSD.
I have tried to look at documentation and followed this blog post :
http://blog.yunak.eu/2013/07/19/openconnect/ and I have used this
csd-wrapper script :
https://gist.github.com/l0ki000/56845c00fd2a0e76d688#file-csd-wrapper-sh

Here is my launching command :
openconnect --no-cert-check --csd-user=stef --no-xmlpost
--csd-wrapper=csd-wrapperv4 https://MYCOMPANYSITE.com

Unfortunately, I'm still blocked due to cstub that refuses to accept
"prelogin' :
Extract from cstub.log :
[Sat Jan 03 00:08:52.876 2015][cstub][error][run] prelogin failed.
[Sat Jan 03 00:08:52.876 2015][cstub][debug][hs_cache_reset] Resetting
cache for '0'
[Sat Jan 03 00:08:52.876 2015][cstub][debug][hs_transport_free]
de-initialization
[Sat Jan 03 00:08:52.877 2015][cstub][debug][hs_transport_free]
de-initialization done
[Sat Jan 03 00:08:52.877 2015][cstub][info][halt] goodbye (-14)

I also have a cscan.log (extract at the end of the file);
[Sat Jan 03 00:08:52.876 2015][cscan][debug][hs_transport_get_data]
getting data done
[Sat Jan 03 00:08:52.876
2015][cscan][debug][hs_download_file_to_buffer] downloaded file:
/CACHE/sdesktop/data.xml (5
155 bytes)
[Sat Jan 03 00:08:52.876 2015][cscan][debug][scan_set_cfg_from_host]
config data downloaded.
[Sat Jan 03 00:08:52.876 2015][cscan][debug][scan_set_cfg_from_host]
set cfg data from host.
[Sat Jan 03 00:08:52.876 2015][cscan][debug][prelogin] obtained CSD
configuration data.
[Sat Jan 03 00:08:52.876 2015][cscan][all][parse_config] Logging level
directive (error) received from headend
[Sat Jan 03 00:08:52.876 2015][cscan][all][parse_config] Logging level
set to the minimum permissible (warn)
[Sat Jan 03 00:08:52.876 2015][cscan][warn][parse_prelogin] prelogin denied!
[Sat Jan 03 00:08:52.876 2015][cscan][error][cfg_process] prelogin failed.
[Sat Jan 03 00:08:52.878 2015][cscan][all][reset_connection_cb] ***
reset connection [1d90f30] from pid: [26383] ***
[Sat Jan 03 00:08:52.878 2015][cscan][all][reset_connection_cb] cscan
exiting due to broken IPC
[Sat Jan 03 00:08:52.880 2015][cscan][all][halt] goodbye (1)

What I see from openconnect output :
Launching: /home/stef/.cisco/hostscan/bin/cstub -log error -ticket
"4D5FAB8D6495C4245C9F14B7" -stub "0" -group "" -host
"https://MYCOMPANYSITE/CACHE/sdesktop/install/result.htm" -certhash
"9320F127C1C9D870AC5FAD2A755AA7CB:"
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
GET https://MYCOMPANYSITE/+CSCOE+/sdesktop/wait.html
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
....

Do not hesitate of course to ask as many information as needed

Thanks in advance

--
Fromzy

More information about the openconnect-devel mailing list