issue with a (possibly idiosyncratic) Juniper server
Thomas Lippincott
tom.lippincott at gmail.com
Fri Sep 11 07:06:57 PDT 2015
Hello,
I'm in the unenviable position of needing to connect to a university VPN
from a linux laptop, and it appears that there is a barrier where one
needs to log in via a university page before proceeding to the actual
VPN log in (at least, that's what I gather from the output, I've
included the redacted output below). I was wondering if this is
something that has come up before and has a known solution/workaround,
or what the best way to proceed. Thanks!
-Tom
root at laptop:/home/tom# openconnect --juniper https://JUNIPER.SCHOOL.edu
--no-cert-check
WARNING: Juniper Network Connect support is experimental.
It will probably be superseded by Junos Pulse support.
GET https://JUNIPER.SCHOOL.edu/
Attempting to connect to server SERVER:443
SSL negotiation with JUNIPER.SCHOOL.edu
Connected to HTTPS on JUNIPER.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET https://JUNIPER.SCHOOL.edu/dana-na/auth/url_default/welcome.cgi
SSL negotiation with JUNIPER.SCHOOL.edu
Connected to HTTPS on JUNIPER.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Moved
GET https://JUNIPER.SCHOOL.edu/dana-na/auth/url_default/login.cgi?realm=ECG
SSL negotiation with JUNIPER.SCHOOL.edu
Connected to HTTPS on JUNIPER.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Moved
GET
https://shibboleth.SCHOOL.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=rZJdb4MgFIb%2FiuFeUaPtJNWlW7OsyT6a1uxiNwsCrXQUGAf38e%2Bndsm6m17t%0AmvccnueFGdCDsmTe%2BVavxVsnwAefB6WBjAcl6pwmhoIEoulBAPGMbOb3dySN%0AYmKd8YYZhYJFPyc19dLoErXeWyAYQyubxijh22jfRoJ3WHKL%2B6GtVAIPW1K8%0AFlw6wTzebB5RcGMcEyNLiWIULBcleqGTfBrH22LCOGVZXjQZb4pps2UXcZbF%0Ak6aPAXRiqcFT7UuUxkkexkWYJHWSkiwn6fQZBasf1CupudS7817NMQTktq5X%0A4epxU48L3iUX7qFP%2FyruW9spENHetBpaY1%2BlhtGUU01DTTHtZfBQZSg0t0Zq%0AH7GdvLQl2AwFT8LBWFl%2FK6pmQ46MNu7kEc6zUgDhht5R9S9QM3xCcUSyZJBe%0ALlZGSfYVzJUyH9dOUN8XkSBcHUf%2BfqLqGw%3D%3D%0A&RelayState=https%3A%2F%2FJUNIPER.SCHOOL.edu&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=12zan5Nnnk4gOdoVBoL3Y5bTaWo1FmIsgEcwY0ufKI5FjEQHVNVdCXz9RxnmXLNIp6To4dofu4PVxpCxAAGdWvenUuWPwW7XxcTt0xWYxSfACtxdu9yU5X6UQedAAlwedcfIsfZvjlRBSVeoT1bdYvWYDtzjARyLEne76KpEW7PyIYAwSPm8%2F%2FLV7i5NfbVC6oh15u%2BCIsdq1DJoOR51nLM6WIsvEZNg8Mt4TXKgoUyhy7kJNqlYb3%2BOfH6yzfQJlE12yMXNOd%2BounmYHetG2NhKarH%2BWVuW4WmKbppKBNs%2F4snz%2FS6672tj5KIxI0RZeQIHeHmRDKNV6r1Qz36gAQ%3D%3D
Attempting to connect to server SERVER:443
SSL negotiation with shibboleth.SCHOOL.edu
Connected to HTTPS on shibboleth.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET https://shibboleth.SCHOOL.edu/idp/AuthnEngine
SSL negotiation with shibboleth.SCHOOL.edu
Connected to HTTPS on shibboleth.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET https://shibboleth.SCHOOL.edu/idp/Authn/JUNIPER
SSL negotiation with shibboleth.SCHOOL.edu
Connected to HTTPS on shibboleth.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET
https://login.SCHOOL.edu/siteminderagent/SmMakeCookie.ccc?r12smSESSION=QUERY&PERSIST=0&TARGET=-SM-https%3a%2f%2fshibboleth%2e%2eedu%2fidp%2fAuthn%2fJUNIPER
Attempting to connect to server SERVER:443
SSL negotiation with login.SCHOOL.edu
Connected to HTTPS on login.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET https://shibboleth.SCHOOL.edu/idp/Authn/JUNIPER?r12smSESSION=NO
Attempting to connect to server SERVER:443
SSL negotiation with shibboleth.SCHOOL.edu
Connected to HTTPS on shibboleth.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Found
GET
https://login.SCHOOL.edu/cgi-bin/allinonelogin.pl?BASIC=FALSE&AUTHLEVEL=ESA&AUTHDB=PROD&RD=20120821&TYPE=33554432&REALMOID=06-7025daee-ba2a-422b-8a1e-7728c6cf2e93&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=aE6odCDrycErDEohmeSuHADP1SpeLFmwifdzqRXuiFdebNo475gHL0tPcpCtAaDI&TARGET=-SM-HTTPS%3a%2f%2fshibboleth%2e%2eedu%2fidp%2fAuthn%2fJUNIPER
Attempting to connect to server SERVER:443
SSL negotiation with login.SCHOOL.edu
Connected to HTTPS on login.SCHOOL.edu
Got HTTP response: HTTP/1.1 302 Moved
GET
https://login.SCHOOL.edu/cgi-bin/allinonelogin.pl?BASIC=FALSE&AUTHLEVEL=ESA&AUTHDB=PROD&RD=20120821&TYPE=33554432&REALMOID=06-7025daee-ba2a-422b-8a1e-7728c6cf2e93&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=aE6odCDrycErDEohmeSuHADP1SpeLFmwifdzqRXuiFdebNo475gHL0tPcpCtAaDI&TARGET=-SM-HTTPS%3a%2f%2fshibboleth%2e%2eedu%2fidp%2fAuthn%2fJUNIPER&TIMESTRING=1441975529
SSL negotiation with login.SCHOOL.edu
Connected to HTTPS on login.SCHOOL.edu
Unknown form ID 'loginform'
Dumping unknown HTML form:
<form method="POST"
action="https://login.SCHOOL.edu/siteminderagent/forms/esalogin.fcc?TYPE=33554432&SMAGENTNAME=aE6odCDrycErDEohmeSuHADP1SpeLFmwifdzqRXuiFdebNo475gHL0tPcpCtAaDI&REALMOID=06-7025daee-ba2a-422b-8a1e-7728c6cf2e93&TARGET=-SM-HTTPS%3a%2f%2fshibboleth%2e%2eedu%2fidp%2fAuthn%2fJUNIPER&GUID=&SMAUTHREASON=0&METHOD=GET"
name="loginform" onsubmit="return false;">
<!-- <span class="infoText">Login ID:</span> -->
<input type="text" value="" id="USER" name="USER"
class="inputField" size="30" onkeypress="checkkey(event);"
autocomplete="OFF" placeholder="Login ID" style="padding-left: 10px">
<br>
<br>
<!-- <span class="infoText">Password:</span> -->
<input type="password" value="" id="PASSWORD" name="PASSWORD"
class="inputField" size="30" autocomplete="OFF"
onkeypress="checkkey(event)" placeholder="Password" style="padding-left:
10px">
<input type="HIDDEN" name="doit" id="doit">
<input type="HIDDEN" name="eatarget" id="eatarget"
value="-SM-HTTPS%3a%2f%2fshibboleth%2e%2eedu%2fidp%2fAuthn%2fJUNIPER">
<input type="HIDDEN" name="authlevelform" id="eatarget" value="ESA">
<input type="HIDDEN" name="ADBASEDN" id="ADBASEDN" value="">
<input type="HIDDEN" name="AUTHDB" id="AUTHDB" value="PROD">
<input type="HIDDEN" name="TOKEN" id="TOKEN">
<input type="HIDDEN" name="RISK" id="RISK">
<input type="hidden" name="fp5" id="fp5" value="">
<input type="hidden" name="os" id="os" value="">
<input type="hidden" name="osbits" id="osbits" value="">
<input type="hidden" name="timezone" id="timezone" value="">
<input type="hidden" name="display" id="display" value="">
<input type="hidden" name="useragent" id="useragent" value="">
<input type="hidden" name="browser" id="browser" value="">
<input type="hidden" name="pluginsdetail" id="pluginsdetail"
value="">
<input type="hidden" name="languages" id="languages" value="">
<input type="hidden" name="fonts" id="fonts" value="">
<input type="hidden" name="flash" id="flash" value="">
<input type="hidden" name="silverlight" id="silverlight" value="">
<input type="hidden" name="java" id="java" value="">
<input type="hidden" name="cookies" id="cookies" value="">
<script>
var fp5 = new Fingerprint({canvas: true, ie_activex: true,
screen_resolution: true});
var fpdata = fp5.get();
document.getElementById('fp5').value = fpdata;
document.getElementById('os').value = fingerprint_os();
document.getElementById('osbits').value = fingerprint_bt();
document.getElementById('timezone').value =
fingerprint_timezone();
document.getElementById('display').value = fingerprint_display();
document.getElementById('useragent').value =
fingerprint_useragent();
document.getElementById('browser').value = fingerprint_browser();
document.getElementById('pluginsdetail').value =
fingerprint_plugins();
document.getElementById('languages').value =
fingerprint_language();
document.getElementById('fonts').value = fingerprint_fonts();
document.getElementById('flash').value = fingerprint_flash();
document.getElementById('silverlight').value =
fingerprint_silverlight();
document.getElementById('java').value = fingerprint_java();
document.getElementById('cookies').value = fingerprint_cookie();
</script>
<div align="left" style="padding-top: 10px;">
<div id="loginbutton" style="float: left;" onclick="buttonclick();return
true;"><input type="button" id="submit1" name="submit1"
class="css3button gradient" value="Login"></div>
<div id="resultdiv" style="float: left;"> </div>
</div>
</form>Failed to obtain WebVPN cookie
More information about the openconnect-devel
mailing list