DTLS not working
Choon Hoe Chua
choonhoe at gmail.com
Tue Nov 28 17:26:18 PST 2017
Hi All,
I have an OpenConnect server up and running and clients can connect fine. But the connection protocol is always TLSv1.2. It does not seem to use DTLS, no matter which client I use (Cisco AnyConnect on macOS, iOS and Android, and OpenConnect for Android).
OS: Ubuntu 17.04
ocserv version: ocserv/zesty,now 0.11.6-1 amd64 [installed]
certificate: obtained via certbot
OpenSSL 1.0.2g
relevant ocserv.conf settings:
server-cert = /etc/letsencrypt/live/myname.me/fullchain.pem
server-key = /etc/letsencrypt/live/myname.me/privkey.pem
try-mtu-discovery = true
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
#match-tls-dtls-ciphers = true
cisco-client-compat = true
#dtls-psk = false
dtls-legacy = true
Also, there is no ocserv logfile in /var/log. Where is the location for the log file?
Appreciate any advice or pointers on where to troubleshoot. Thanks