Hi, Are you certain the server supports ECDHE-RSA-AES128-GCM-SHA256? It would help to see the the (redacted) verbose output of openconnect to understand the issue at hand. Also, does the VPN connection use TLS or DTLS? Again the openconnect output would provide that information.