Support for Symantec VIP Access.
Fung Chai Lim
fungchai.lim at kaisquare.com
Thu Jan 14 03:22:55 EST 2021
Hi,
I run the following on a host running RebornOS (archlinux):
echo MY-SECRET-PASSWD | sudo openconnect -v \
-u USER-NAME \
--protocol=anyconnect \
--passwd-on-stdin \
--token-mode=totp \
--token-secret=abcdefgh,302425 \
VPN-SERVER
My VIP Access app has Credential ID of "SYMC abcd efgh". When I ran
the above command, the app was showing 302425. Not sure if I have
correctly entered the token-secret. The above command produced the
following output:
POST https://VPN-SERVER/
Attempting to connect to server A.B.C.D:443
Connected to A.B.C.D:443
SSL negotiation with VPN-SERVER
Connected to HTTPS on VPN-SERVER with ciphersuite
(TLS1.2)-(RSA)-(AES-256-CBC)-(SHA1)
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-store
Pragma: no-cache
Connection: Keep-Alive
Date: Thu, 14 Jan 2021 08:08:38 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Aggregate-Auth: 1
HTTP body chunked (-2)
OK to generate INITIAL tokencode
XML POST enabled
Error: Server asked us to run CSD hostscan.
You need to provide a suitable --csd-wrapper argument.
Failed to obtain WebVPN cookie
Where can I get the CSD hostscan application?
BTW, I ran credmgr.msc on my Windows laptop and found that my private
key is non-exportable. Will this be a problem? Do I need the private
key in order to use openconnect to log into my vpn server?
On Thu, Jan 14, 2021 at 1:34 PM Fung Chai Lim
<fungchai.lim at kaisquare.com> wrote:
>[snipped]
More information about the openconnect-devel
mailing list