ESP Connection Refused Question
Benjamin Cardon
bj.cardon at gmail.com
Thu Aug 1 09:58:19 PDT 2024
Here is the handshake still using GPopen in case it's helpful.
However, I can try both of these again using gp-saml-gui after this as
well if it will help with debugging.
Thanks!
Ben
On Wed, Jul 31, 2024 at 6:12 PM Daniel Lenski <dlenski at gmail.com> wrote:
>
> On Wed, Jul 31, 2024 at 8:58 AM Benjamin Cardon <bj.cardon at gmail.com> wrote:
> > Attached is the handshake. Everything up to line 72 is collecting the
> > auth cookie from Okta.
>
> Yes, it appears from this log that there's simply no UDP connectivity
> between the client and the server. The ESP-over-UDP tunnel can't be
> connected, and so OpenConnect gives up and uses the TLS tunnel
> instead.
>
> Jul 31 09:24:00 xps15 plasmashell[3351696]: 2024-07-31 09:24:00.977
> INFO [3351696] [GPClient::onVPNLogAvailable at 518] Failed to connect
> ESP tunnel; using HTTPS instead.
>
> UDP connectivity can be broken in all kinds of idiosyncratic ways that
> are often specific to your network environment.
>
> The most important thing to try, in terms of NARROWING DOWN the
> possible breakages, would be to rerun this from the network
> environment *where ESP does work* and *compare the logs*. In
> particular, does anything change in the /ssl-vpn/getconfig.esp
> response, besides the randomized IPSEC security parameters and perhaps
> the IP address assigned to the client?
>
> And to make debugging easier, use
> https://github.com/dlenski/gp-saml-gui + the OpenConnect command-line
> interface (instead of the GUI-fied wrapper of
> https://github.com/yuezk/GlobalProtect-openconnect).
-------------- next part --------------
Aug 01 10:46:58 xps15 plasmashell[3781495]: Using OpenSSL 3.0.2 15 Mar 2022. Features present: TPM (OpenSSL ENGINE not present), HOTP software token, TOTP software token, DTLS, ESP
Aug 01 10:46:58 xps15 plasmashell[3781495]: Supported protocols: anyconnect (default), nc, gp, pulse, f5, fortinet, array
Aug 01 10:46:58 xps15 plasmashell[3781495]: Default vpnc-script (override with --script): /usr/share/vpnc-scripts/vpnc-script
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.723 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Got extra OpenConnect args for server: PORTALDOMAIN, --disable-ipv6 -vvv --dump-http-traffic
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.723 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Start process with arguments: --protocol=gp, --disable-ipv6, -vvv, --dump-http-traffic, -u, , --cookie-on-stdin, PORTALDOMAIN
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.726 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Openconnect started successfully, PID=3781859
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.728 INFO [3781495] [GPClient::onVPNLogAvailable at 518] POST https://PORTALDOMAIN/ssl-vpn/getconfig.esp
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.738 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Attempting to connect to server GWIP:443
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.742 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Connected to GWIP:443
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.745 INFO [3781495] [GPClient::onVPNLogAvailable at 518] SSL negotiation with PORTALDOMAIN
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.753 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Matched peer certificate subject name 'PORTALDOMAIN'
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.758 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Connected to HTTPS on PORTALDOMAIN with ciphersuite TLSv1.2-ECDHE-RSA-AES256-GCM-SHA384
Aug 01 10:46:58 xps15 plasmashell[3781495]: > POST /ssl-vpn/getconfig.esp HTTP/1.1
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Host: PORTALDOMAIN
Aug 01 10:46:58 xps15 plasmashell[3781495]: > User-Agent: PAN GlobalProtect
Aug 01 10:46:58 xps15 plasmashell[3781495]: > X-Pad: 00000
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Content-Type: application/x-www-form-urlencoded
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Content-Length: 315
Aug 01 10:46:58 xps15 plasmashell[3781495]: >
Aug 01 10:46:58 xps15 plasmashell[3781495]: > client-type=1&protocol-version=p1&internal=no&app-version=6.1.2-82&ipv6-support=no&clientos=Linux&os-version=linux-64&hmac-algo=sha1%2cmd5%2csha256&enc-algo=aes-128-cbc%2caes-256-cbc&authcookie=AUTHCOOKIE&portal=GWDOMAIN-N&user=bj.cardon&domain=corp&preferred-ip=&computer=xps15
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Got HTTP response: HTTP/1.1 200 OK
Aug 01 10:46:58 xps15 plasmashell[3781495]: Date: Thu, 01 Aug 2024 16:46:58 GMT
Aug 01 10:46:58 xps15 plasmashell[3781495]: Content-Type: application/xml; charset=UTF-8
Aug 01 10:46:58 xps15 plasmashell[3781495]: Content-Length: 2093
Aug 01 10:46:58 xps15 plasmashell[3781495]: Connection: keep-alive
Aug 01 10:46:58 xps15 plasmashell[3781495]: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-Frame-Options: DENY
Aug 01 10:46:58 xps15 plasmashell[3781495]: Strict-Transport-Security: max-age=31536000;
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-XSS-Protection: 1; mode=block
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-Content-Type-Options: nosniff
Aug 01 10:46:58 xps15 plasmashell[3781495]: Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Aug 01 10:46:58 xps15 plasmashell[3781495]: HTTP body length: (2093)
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <?xml version="1.0" encoding="UTF-8" ?>
Aug 01 10:46:58 xps15 plasmashell[3781495]: <
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <response status="success">
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <need-tunnel>yes</need-tunnel>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ssl-tunnel-url>/ssl-tunnel-connect.sslvpn</ssl-tunnel-url>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <portal>GWDOMAIN-N</portal>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <user>bj.cardon</user>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <quarantine>no</quarantine>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <lifetime>43200</lifetime>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <timeout>10800</timeout>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <disconnect-on-idle>10800</disconnect-on-idle>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bw-c2s>1000</bw-c2s>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bw-s2c>1000</bw-s2c>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <panos-version>10.2.8-h3</panos-version>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <gw-address>GWIP</gw-address>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ipv6-connection>no</ipv6-connection>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ip-address>GWIP</ip-address>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <netmask>255.255.255.255</netmask>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ip-address-preferred>yes</ip-address-preferred>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <dns>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>DNS1</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>DNS2</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>DNS3</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>DNS4</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </dns>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <wins>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </wins>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <dns-suffix>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </dns-suffix>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <default-gateway>GWIP</default-gateway>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <mtu>0</mtu>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <no-direct-access-to-local-network>no</no-direct-access-to-local-network>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <access-routes>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>0.0.0.0/0</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>ROUTE1</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>ROUTE2</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>ROUTE3</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>ROUTE4</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </access-routes>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <exclude-access-routes>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </exclude-access-routes>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <exclude-split-tunneling-domain>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <member>*.vimeo.com:443</member>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </exclude-split-tunneling-domain>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <exclude-video-redirect>yes</exclude-video-redirect>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ipsec>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <udp-port>4501</udp-port>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ipsec-mode>esp-tunnel</ipsec-mode>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <enc-algo>aes-128-cbc</enc-algo>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <hmac-algo>sha1</hmac-algo>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <c2s-spi>0x7190DCF3</c2s-spi>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <s2c-spi>0x7CF833DF</s2c-spi>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <akey-s2c>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bits>160</bits>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <val>620d4ab2dcb7072dd5f105819e4f9b50df6ce20b</val>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </akey-s2c>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ekey-s2c>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bits>128</bits>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <val>78c0667bab047548a409ac4da9c21e88</val>
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] < </ekey-s2c>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <akey-c2s>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bits>160</bits>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <val>c47aa7d56578908a65283608e3e7c700feb24827</val>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </akey-c2s>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <ekey-c2s>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <bits>128</bits>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <val>18fc0cca3b0f737fb432aad086d720ae</val>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </ekey-c2s>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </ipsec>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </response>
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Tunnel timeout (rekey interval) is 180 minutes.
Aug 01 10:46:58 xps15 plasmashell[3781495]: Idle timeout is 180 minutes.
Aug 01 10:46:58 xps15 plasmashell[3781495]: Unknown GlobalProtect config tag <panos-version>: 10.2.8-h3
Aug 01 10:46:58 xps15 plasmashell[3781495]: Unknown GlobalProtect config tag <exclude-split-tunneling-domain>:
Aug 01 10:46:58 xps15 plasmashell[3781495]: *.vimeo.com:443
Aug 01 10:46:58 xps15 plasmashell[3781495]:
Aug 01 10:46:58 xps15 plasmashell[3781495]: Unknown GlobalProtect config tag <exclude-video-redirect>: yes
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] TCP_INFO rcv mss 1414, snd mss 1414, adv mss 1460, pmtu 1500
Aug 01 10:46:58 xps15 plasmashell[3781495]: Using base_mtu of 1500
Aug 01 10:46:58 xps15 plasmashell[3781495]: After removing UDP/IPv4 headers, MTU of 1472
Aug 01 10:46:58 xps15 plasmashell[3781495]: After removing protocol specific overhead (36 unpadded, 2 padded, 16 blocksize), MTU of 1422
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] No MTU received. Calculated 1422 for ESP tunnel
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.769 INFO [3781495] [GPClient::onVPNLogAvailable at 518] POST https://PORTALDOMAIN/ssl-vpn/hipreportcheck.esp
Aug 01 10:46:58 xps15 plasmashell[3781495]: > POST /ssl-vpn/hipreportcheck.esp HTTP/1.1
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Host: PORTALDOMAIN
Aug 01 10:46:58 xps15 plasmashell[3781495]: > User-Agent: PAN GlobalProtect
Aug 01 10:46:58 xps15 plasmashell[3781495]: > X-Pad: 00000000000000000000000000000000
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Content-Type: application/x-www-form-urlencoded
Aug 01 10:46:58 xps15 plasmashell[3781495]: > Content-Length: 224
Aug 01 10:46:58 xps15 plasmashell[3781495]: >
Aug 01 10:46:58 xps15 plasmashell[3781495]: > client-role=global-protect-full&authcookie=AUTHCOOKIE&portal=GWDOMAIN-N&user=bj.cardon&domain=corp&preferred-ip=&computer=xps15&client-ip=172.16.3.168&md5=20a52a2bfaec3c1c4c634b47421a0ba7
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Got HTTP response: HTTP/1.1 200 OK
Aug 01 10:46:58 xps15 plasmashell[3781495]: Date: Thu, 01 Aug 2024 16:46:58 GMT
Aug 01 10:46:58 xps15 plasmashell[3781495]: Content-Type: application/xml; charset=UTF-8
Aug 01 10:46:58 xps15 plasmashell[3781495]: Content-Length: 127
Aug 01 10:46:58 xps15 plasmashell[3781495]: Connection: keep-alive
Aug 01 10:46:58 xps15 plasmashell[3781495]: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-Frame-Options: DENY
Aug 01 10:46:58 xps15 plasmashell[3781495]: Strict-Transport-Security: max-age=31536000;
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-XSS-Protection: 1; mode=block
Aug 01 10:46:58 xps15 plasmashell[3781495]: X-Content-Type-Options: nosniff
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; img-src * data:; style-src 'self' 'unsafe-inline';
Aug 01 10:46:58 xps15 plasmashell[3781495]: HTTP body length: (127)
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <response status="success">
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <hip-report-needed>yes</hip-report-needed>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <delay>0</delay>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < <quarantine>no</quarantine>
Aug 01 10:46:58 xps15 plasmashell[3781495]: < </response>
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Gateway says HIP report submission is needed.
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] WARNING: Server asked us to submit HIP report with md5sum 20a52a2bfaec3c1c4c634b47421a0ba7.
Aug 01 10:46:58 xps15 plasmashell[3781495]: VPN connectivity may be disabled or limited without HIP report submission.
Aug 01 10:46:58 xps15 plasmashell[3781495]: You need to provide a --csd-wrapper argument with the HIP report submission script.
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Parameters for incoming ESP: SPI 0x7cf833df
Aug 01 10:46:58 xps15 plasmashell[3781495]: ESP encryption type AES-128-CBC (RFC3602) key 0x78c0667bab047548a409ac4da9c21e88
Aug 01 10:46:58 xps15 plasmashell[3781495]: ESP authentication type HMAC-SHA-1-96 (RFC2404) key 0x620d4ab2dcb7072dd5f105819e4f9b50df6ce20b
Aug 01 10:46:58 xps15 plasmashell[3781495]: Parameters for outgoing ESP: SPI 0x7190dcf3
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] ESP encryption type AES-128-CBC (RFC3602) key 0x18fc0cca3b0f737fb432aad086d720ae
Aug 01 10:46:58 xps15 plasmashell[3781495]: ESP authentication type HMAC-SHA-1-96 (RFC2404) key 0xc47aa7d56578908a65283608e3e7c700feb24827
Aug 01 10:46:58 xps15 plasmashell[3781495]: Send ESP probes
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] UDP SO_SNDBUF: 91008
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] ICMPv4 probe packet (seq 0) for GlobalProtect ESP:
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] > 0000: 45 00 00 2c 47 47 40 00 40 01 cb e5 ac 10 03 a8 |E..,GG at .@.......|
Aug 01 10:46:58 xps15 plasmashell[3781495]: > 0010: 43 89 34 63 08 00 0b 09 47 47 00 00 6d 6f 6e 69 |C.4c....GG..moni|
Aug 01 10:46:58 xps15 plasmashell[3781495]: > 0020: 74 6f 72 00 00 70 61 6e 20 68 61 20 |tor..pan ha |
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Delaying tunnel with reason: awaiting GPST ESP connection
Aug 01 10:46:58 xps15 plasmashell[3781495]: Send ESP probes
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] ICMPv4 probe packet (seq 1) for GlobalProtect ESP:
Aug 01 10:46:58 xps15 plasmashell[3781495]: > 0000: 45 00 00 2c 47 47 40 00 40 01 cb e5 ac 10 03 a8 |E..,GG at .@.......|
Aug 01 10:46:58 xps15 plasmashell[3781495]: > 0010: 43 89 34 63 08 00 0b 08 47 47 00 01 6d 6f 6e 69 |C.4c....GG..moni|
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] > 0020: 74 6f 72 00 00 70 61 6e 20 68 61 20 |tor..pan ha |
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.777 INFO [3781495] [GPClient::onVPNLogAvailable at 518] No work to do; sleeping for 1000 ms...
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.781 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Delaying tunnel with reason: awaiting GPST ESP connection
Aug 01 10:46:58 xps15 plasmashell[3781495]: Accepting later-than-expected ESP packet with seq 1 (expected 0)
Aug 01 10:46:58 xps15 plasmashell[3781495]: Received ESP Legacy IP packet of 48 bytes
Aug 01 10:46:58 xps15 plasmashell[3781495]: ESP session established with server
Aug 01 10:46:58 xps15 plasmashell[3781495]: Accepting expected ESP packet with seq 2
Aug 01 10:46:58 xps15 plasmashell[3781495]: Received ESP Legacy IP packet of 48 bytes
Aug 01 10:46:58 xps15 plasmashell[3781495]: 2024-08-01 10:46:58.781 INFO [3781495] [GPClient::onVPNLogAvailable at 518] ESP tunnel connected; exiting HTTPS mainloop.
Aug 01 10:46:58 xps15 plasmashell[3781495]: No work to do; sleeping for 1000 ms...
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.782 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Configured as 172.16.3.168, with SSL disconnected and ESP established
Aug 01 10:46:59 xps15 plasmashell[3781495]: Session authentication will expire at Thu, 01 Aug 2024 22:46:58 MDT
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.7955] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/42)
Aug 01 10:46:59 xps15 systemd-udevd[3781877]: Using default interface naming scheme 'v249'.
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8122] device (tun0): state change: unmanaged -> unavailable (reason 'connection-assumed', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8129] device (tun0): state change: unavailable -> disconnected (reason 'connection-assumed', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8132] device (tun0): Activation: starting connection 'tun0' (4dffa6ea-5647-4951-a718-cd95acc3b172)
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8133] device (tun0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8134] device (tun0): state change: prepare -> config (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8135] device (tun0): state change: config -> ip-config (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8136] device (tun0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 dbus-daemon[1105]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.4' (uid=0 pid=1106 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
Aug 01 10:46:59 xps15 systemd[1]: Starting Network Manager Script Dispatcher Service...
Aug 01 10:46:59 xps15 dbus-daemon[1105]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Aug 01 10:46:59 xps15 systemd[1]: Started Network Manager Script Dispatcher Service.
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Detected virtual address range 0x1000-0x7ffffffff000
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Using vhost-net for tun acceleration, ring size 32
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Kick vhost ring
Aug 01 10:46:59 xps15 plasmashell[3781495]: No work to do; sleeping for 9000 ms...
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] RX packet 0x5f83a9c8cea0(48) [0] [used 2]
Aug 01 10:46:59 xps15 plasmashell[3781495]: RX packet 0x5f83a9c8ec10(52) [1] [used 2]
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Sent ESP IPv6 packet of 100 bytes
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] Sent ESP IPv4 packet of 100 bytes
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.842 INFO [3781495] [GPClient::onVPNLogAvailable at 518] No work to do; sleeping for 9000 ms...
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8425] device (tun0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8426] device (tun0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'external')
Aug 01 10:46:59 xps15 NetworkManager[1106]: <info> [1722530819.8428] device (tun0): Activation: successful, device activated.
Aug 01 10:46:59 xps15 plasmashell[3781495]: 2024-08-01 10:46:59.846 INFO [3781495] [GPClient::onVPNLogAvailable at 518] RX packet 0x5f83a9c8f420(77) [2] [used 4]
Aug 01 10:46:59 xps15 plasmashell[3781495]: RX packet 0x5f83a9c7c330(77) [3] [used 4]
More information about the openconnect-devel
mailing list