issue with a (possibly idiosyncratic) Juniper server

David Woodhouse dwmw2 at infradead.org
Fri Sep 11 07:31:52 PDT 2015


On Fri, 2015-09-11 at 10:06 -0400, Thomas Lippincott wrote:
> Hello,
> I'm in the unenviable position of needing to connect to a university VPN 
> from a linux laptop, and it appears that there is a barrier where one 
> needs to log in via a university page before proceeding to the actual 
> VPN log in (at least, that's what I gather from the output, I've 
> included the redacted output below).  I was wondering if this is 
> something that has come up before and has a known solution/workaround, 
> or what the best way to proceed.  Thanks!

Right. OpenConnect currently has some hacks to 'parse' the basic
standard HTML forms that the Juniper server offers, but many systems
wrap it with other non-standard pages and authentication methods.

We *really* need to do this with a proper HTML renderer (or web
browser). Rather than parsing just the special cases we know about, we
should pass the whole HTML page out to be presented to the user.

If anyone feels like working on that, it would be much appreciated. It
shouldn't even be *that* hard.

In the meantime, one option is to try using a real web browser to go
through the process. And once you get to the stage where you're
authenticated and you have a DSID cookie, *then* invoke openconnect.

-- 
dwmw2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150911/88384212/attachment.bin>


More information about the openconnect-devel mailing list