Recently started having a problem with openconnect connecting to a Cisco
AnyConnect VPN server. I suspect the problem is vpnc-client not
correctly opening up a tunnel, but I'm not sure and I have no idea how
to fix it. I've tried three different vpn-client scripts. With any of
them, I have no network connectivity, and I get different error messages
when I ctrl-C. I used to get a message about it setting up a tun0
device after a short delay, but I'm not seeing that any more.
This is what I was originally getting from the install from the Ubuntu
repository:
root@ibis:/usr/share/vpnc-scripts# openconnect https://go.vpn.gwu.edu/ses
POST https://go.vpn.gwu.edu/ses
Connected to 128.164.202.177:443
SSL negotiation with go.vpn.gwu.edu
Connected to HTTPS on go.vpn.gwu.edu
XML POST enabled
© 2014, The George Washington University
2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948)
Site Maintained by Division of IT
Please enter your NetID and Password
GW students, faculty, and staff can access this service by using their GW NetIDs
(the part of the e-mail address that precedes @gwu.edu) and corresponding passwords.
Username:syscjm
Password:
Password:
POST https://go.vpn.gwu.edu/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 128.164.108.37, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite
(DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1).
^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script' for connect:
Interrupted system call
Send BYE packet: Aborted by caller
Error: argument "via" is wrong: use nexthop syntax to specify multiple via
User canceled (SIGINT); exiting;
root@ibis:/usr/share/vpnc-scripts#
I tried the vpn-client listed on Openconnected's home site
(http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script):
root@ibis:/usr/share/vpnc-scripts# openconnect --script
/usr/share/vpnc-scripts/vpnc-script-new https://go.vpn.gwu.edu/ses
POST https://go.vpn.gwu.edu/ses
Connected to 128.164.202.177:443
SSL negotiation with go.vpn.gwu.edu
Connected to HTTPS on go.vpn.gwu.edu
XML POST enabled
© 2014, The George Washington University
2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948)
Site Maintained by Division of IT
Please enter your NetID and Password
GW students, faculty, and staff can access this service by using their GW NetIDs
(the part of the e-mail address that precedes @gwu.edu) and corresponding passwords.
Username:syscjm
Password:
Password:
POST https://go.vpn.gwu.edu/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 128.164.108.32, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite
(DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1).
Error: any valid prefix is expected rather than "dev".
^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script-new' for connect:
Interrupted system call
Send BYE packet: Aborted by caller
RTNETLINK answers: No such process
User canceled (SIGINT); exiting;
root@ibis:/usr/share/vpnc-scripts#
I also tried a vpnc-script I found in a Git repository
(https://gitlab.com/openconnect/vpnc-scripts/raw/master/vpnc-script):
root@ibis:/usr/share/vpnc-scripts# openconnect --script
/usr/share/vpnc-scripts/vpnc-script-new2 https://go.vpn.gwu.edu/ses
POST https://go.vpn.gwu.edu/ses
Connected to 128.164.202.177:443
SSL negotiation with go.vpn.gwu.edu
Connected to HTTPS on go.vpn.gwu.edu
XML POST enabled
© 2014, The George Washington University
2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948)
Site Maintained by Division of IT
Please enter your NetID and Password
GW students, faculty, and staff can access this service by using their GW NetIDs
(the part of the e-mail address that precedes @gwu.edu) and corresponding passwords.
Username:syscjm
Password:
Password:
POST https://go.vpn.gwu.edu/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 128.164.108.36, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite
(DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1).
Error: any valid prefix is expected rather than "dev".
^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script-new2' for
connect: Interrupted system call
Send BYE packet: Aborted by caller
RTNETLINK answers: No such process
User canceled (SIGINT); exiting;
root@ibis:/usr/share/vpnc-scripts#
Any help on how I can fix this?
--
Christopher Mattern
Unix Engineer, George Washington University
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
