That makes sense, thank you for the explanation. On Thu, Apr 2, 2020 at 3:50 PM David Woodhouse <dw...@infradead.org> wrote: > > On Thu, 2020-04-02 at 15:20 +0200, Grant Williamson wrote: > > Is there a way to specify multiple VPN hosts in the > > NetworkManager-openconnect system-connections profile? > > > > I can see there is a drop down menu option in the connection dialog, > > wondering how to add multiple hosts(if possible)? > > It gets them out of the XML profile which is provided from the > AnyConnect server. > > The xmlconfig key in the VPN date contains that XML, base64-encoded. > Make it look like an AnyConnect profile file. So something like... > > <AnyConnectProfile> > <ServerList> > <HostEntry> > <HostName>My First Server</HostName> > <HostAddress>vpn1.example.com</HostAddress> > </HostEntry> > <HostEntry> > <HostName>My Second Server</HostName> > <HostAddress>vpn2.example.com</HostAddress> > </HostEntry> > </ServerList> > </AnyConnectProfile> > > ...would base64-encode to: > > PEFueUNvbm5lY3RQcm9maWxlPgogIDxTZXJ2ZXJMaXN0PgogICAgPEhvc3RFbnRyeT4KICAgICAg > PEhvc3ROYW1lPk15IEZpcnN0IFNlcnZlcjwvSG9zdE5hbWU+CiAgICAgIDxIb3N0QWRkcmVzcz52 > cG4xLmV4YW1wbGUuY29tPC9Ib3N0QWRkcmVzcz4KICAgIDwvSG9zdEVudHJ5PgogICAgPEhvc3RF > bnRyeT4KICAgICAgPEhvc3ROYW1lPk15IFNlY29uZCBTZXJ2ZXI8L0hvc3ROYW1lPgogICAgICA8 > SG9zdEFkZHJlc3M+dnBuMi5leGFtcGxlLmNvbTwvSG9zdEFkZHJlc3M+CiAgICA8L0hvc3RFbnRy > eT4KICA8L1NlcnZlckxpc3Q+CjwvQW55Q29ubmVjdFByb2ZpbGU+Cg== > > So if I change one of my test connections... > > nmcli con modify 'Pulse' vpn.secrets > "xmlconfig=PEFueUNvbm5lY3RQcm9maWxlPgogIDxTZXJ2ZXJMaXN0PgogICAgPEhvc3RFbnRyeT4KICAgICAgPEhvc3ROYW1lPk15IEZpcnN0IFNlcnZlcjwvSG9zdE5hbWU+CiAgICAgIDxIb3N0QWRkcmVzcz52cG4xLmV4YW1wbGUuY29tPC9Ib3N0QWRkcmVzcz4KICAgIDwvSG9zdEVudHJ5PgogICAgPEhvc3RFbnRyeT4KICAgICAgPEhvc3ROYW1lPk15IFNlY29uZCBTZXJ2ZXI8L0hvc3ROYW1lPgogICAgICA8SG9zdEFkZHJlc3M+dnBuMi5leGFtcGxlLmNvbTwvSG9zdEFkZHJlc3M+CiAgICA8L0hvc3RFbnRyeT4KICA8L1NlcnZlckxpc3Q+CjwvQW55Q29ubmVjdFByb2ZpbGU+Cg==" > > > ... and try to connect it it... > > Yep, that works. >
_______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
