On Mon, Feb 4, 2019 at 9:23 AM Phillips, Tony <[email protected]> wrote: > > I see various discussions through google results when searching for how to > request a specific IP using OpenConnect. > > I've compiled openconnect-8.02 on RHEL7.5, but the --request-ip=x.x.x.x > command dumps help instead. > > Is that actually not part of the code yet?
This is a feature that I proposed implementing previously (you probably found http://lists.infradead.org/pipermail/openconnect-devel/2017-November/004591.html). It's questionable whether it can or will work broadly enough to be useful, and not confusing. 1) Cisco AnyConnect servers *appeared at first to support it*. Including "X-CSTP-Address: 1.2.3.4" as a *request* header for CONNECT appeared to have the desired effect. However, we later tested other Cisco AnyConnect servers where it didn't work. 2) Juniper servers: no known way to request a specific address using the Juniper NC protocol. 3) GlobalProtect servers support it, and the official GlobalProtect clients use it. Including "preferred-ip=1.2.3.4" in the getconfig request basically does the trick. Patches to add the `--request-ip` option, IPv4 only: http://lists.infradead.org/pipermail/openconnect-devel/2017-December/004638.html I would be quite interested to know if it works for you with Cisco servers. As mentioned above, there are at least *some* Cisco servers which ignore it… Thanks, Dan _______________________________________________ openconnect-devel mailing list [email protected] http://lists.infradead.org/mailman/listinfo/openconnect-devel
