Pulse support
Jeff Gustafson
ncjeffgus at zimage.com
Tue Oct 11 17:47:16 PDT 2016
On Wed, 2016-10-12 at 00:55 +0100, David Woodhouse wrote:
> It shouldn't be. If you don't have a DTLS/ESP connection then we
> won't
> use it. We'll just pass data over the TCP connection instead.
>
> I don't quite know how --no-dtls could fix anything, if ping was
> still
> working. If there was *no* traffic in the failure case, perhaps...
> but
> not if it was only DNS that was broken.
>
I've been messing around with the client today and I think I screwed up
the ping. The ping *does* die when I don't put the '--no-dtls'. So
ignore that part. It was my mistake.
I've been trying the openconnect release in Fedora 24 and I also
compiled openconnect from git.
The issue seems to be that --no-dtls is required for the connection to
continue to work. Without the --no-dtls, the VPN works for a minute or
so and then traffic stops coming back.
Is this a bug or something I should expect when using openconnect with
some combinations of VPN servers?
...Jeff
More information about the openconnect-devel
mailing list