Trouble with juniper connection - invalid HMAC

Gaute Amundsen gaute at div.org
Thu Dec 15 01:00:45 PST 2016


It seems 7.08 still has the same issue in my case.

Any suggestions?

G.


./configure --with-vpnc-script=/usr/share/vpnc-scripts/vpnc-script
BUILD OPTIONS:
   SSL library:            OpenSSL
   PKCS#11 support:        no
   DTLS support:           yes
   ESP support:            yes
   libproxy support:       no
   RSA SecurID support:    no
   PSKC OATH file support: no
   GSSAPI support:         no
   Yubikey support:        no
   LZ4 compression:        no
   Java bindings:          no
   Build docs:             no
   Unit tests:             no

make check
...
PASS: lzstest
PASS: seqtest
FAIL: bad_dtls_test
============================================================================
Testsuite summary for openconnect 7.08
============================================================================
# TOTAL: 3
# PASS:  2
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0


With -vv

ping -c1 -W 2 -s 1394 host.tld - succeeds

Sent ESP packet of 116 bytes
No work to do; sleeping for 10000 ms...
Received ESP packet of 132 bytes
No work to do; sleeping for 15000 ms...
Sent ESP packet of 1444 bytes
Sent ESP packet of 84 bytes
No work to do; sleeping for 15000 ms...
Received ESP packet of 1460 bytes
No work to do; sleeping for 15000 ms...
Sent ESP packet of 116 bytes
No work to do; sleeping for 15000 ms...
Received ESP packet of 164 bytes
No work to do; sleeping for 15000 ms...


ping -c1 -W 2 -s 1395 host.tld - fails

Sent ESP packet of 116 bytes
No work to do; sleeping for 4000 ms...
Received ESP packet of 132 bytes
No work to do; sleeping for 15000 ms...
Sent ESP packet of 1444 bytes
Sent ESP packet of 100 bytes
No work to do; sleeping for 15000 ms...
Received ESP packet of 1460 bytes
Received ESP packet with invalid HMAC
No work to do; sleeping for 15000 ms...


ifconfig

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
           inet addr:10.150.4.56  P-t-P:10.150.4.56 Mask:255.255.255.255
           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400 Metric:1
           RX packets:120 errors:0 dropped:0 overruns:0 frame:0
           TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:500
           RX bytes:23520 (23.5 KB)  TX bytes:22269 (22.2 KB)


I also have some Wireshark captures showing "malformed packet" when 
trying to open an RDP connection using Remmina.




