2016-12-15 23:50 GMT+07:00 Thomas Glanzmann <tho...@glanzmann.de>:
> Hello Roman,
>
> > You can try logging $ssl_preread_server_name in access_log.
>
> thank you. It seems that nginx is not able to extract the server_name
> from openconnect correctly:
>
> 2a01:598:8181:37ef:95e1:682:4c98:449e - [15/Dec/2016:17:45:57 +0100] ""
>
> When I connect with a browser:
>
> 2a01:598:8181:37ef:95e1:682:4c98:449e - [15/Dec/2016:17:46:20 +0100] "
> vpn.gmvl.de"
>
> This seems to be one problem. And another problem seems that backend
> communication between nginx and ocserv using the proxy protocol.
>
> Here is tcpdump of the openconnect ssl handshake with nginx:
>
> https://thomas.glanzmann.de/tmp/openconnect_sni.pcap
do you mean port sharing between OpenVPN and Cisco AnyConnect ?
>
>
> I'm using the command line 'openconnect vpn.gmvl.de'.
>
> Cheers,
> Thomas
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
