AnyConnect Secure Mobility Client (ACSMC) failed to connect to ocserv with certificate
David Woodhouse
dwmw2 at infradead.org
Sat Jan 10 12:39:52 PST 2015
> I found my server had two IPs, and the source IP of the "Server Hello"
> is not the same as the destination IP of the "Client Hello". After
> chaning the server IP, now the "DTLS handshake failed" problem with
> OpenConnect-GUI is gone.
I would argue that's a server bug. If we accept incoming DTLS on a given
IP address the we should also bind() to that address before replying.
> As for ACSMC, it still doesn't work after upgrading to v4.0.
Cisco's client is... not the best piece of software I have ever encountered.
There's a reason I wrote my own client.
--
dwmw2
More information about the openconnect-devel
mailing list