issue with a (possibly idiosyncratic) Juniper server

Thomas Lippincott tom.lippincott at
Fri Sep 11 07:54:41 PDT 2015

I can get a DSID cookie, e.g. by logging in through a browser and 
finding the value: how do I pass this to openconnect?  Is there a 
general mechanism for setting key-value pairs?

On 09/11/2015 10:31 AM, David Woodhouse wrote:
> On Fri, 2015-09-11 at 10:06 -0400, Thomas Lippincott wrote:
>> Hello,
>> I'm in the unenviable position of needing to connect to a university VPN
>> from a linux laptop, and it appears that there is a barrier where one
>> needs to log in via a university page before proceeding to the actual
>> VPN log in (at least, that's what I gather from the output, I've
>> included the redacted output below).  I was wondering if this is
>> something that has come up before and has a known solution/workaround,
>> or what the best way to proceed.  Thanks!
> Right. OpenConnect currently has some hacks to 'parse' the basic
> standard HTML forms that the Juniper server offers, but many systems
> wrap it with other non-standard pages and authentication methods.
> We *really* need to do this with a proper HTML renderer (or web
> browser). Rather than parsing just the special cases we know about, we
> should pass the whole HTML page out to be presented to the user.
> If anyone feels like working on that, it would be much appreciated. It
> shouldn't even be *that* hard.
> In the meantime, one option is to try using a real web browser to go
> through the process. And once you get to the stage where you're
> authenticated and you have a DSID cookie, *then* invoke openconnect.

More information about the openconnect-devel mailing list