Connecting to anyconnect vpn - system verification

Daniel Lenski dlenski at
Sun Feb 19 12:04:08 PST 2023

On Mon, Feb 6, 2023 at 4:04 AM Zbyněk Kačer <zbynek.kacer at> wrote:
> I will now try to decrypt the tcp channel - there must be something
> useful inside. But so far it refuses to use mitmproxy.

You may well need to use TRANSPARENT proxying
( in order to
force it through the proxy.

- "Normal" MITM proxying: you set up a proxy via a normal proxy
protocol (e.g. socks or http) and tell applications to use it. That
proxy application MITM's your TLS/DTLS connections. Some applications
can and do ignore it.
- "Transparent" MITM proxying: your proxy runs as an unavoidable hop
on the IP-based connection path between the client application and the
public Internet. Individual applications cannot avoid connecting
through it. This isn't quite as easy to setup as a "normal" MITM
proxy, but if you're MITM'ing an application running on a VM under a
Linux host, it's still pretty easy. See and

More information about the openconnect-devel mailing list