Git commit 0fc967c3 works.

For the moment my process is manual.

$ gp-saml-gui -p --clientos=Windows <my-vpn> -- --authgr='US Central'

produces the correct CLI command and I copy/paste that to the
terminal, editing 'openconnect' to the correct absolute path.

Many thanks to all developers of openconnect. I'd be "up the creek" without it.

On Mon, Jun 21, 2021 at 12:07 PM O. William McClung <owmccl...@gmail.com> wrote:
>
> On Gentoo Linux:
>
> $ gp-saml-gui --portal -S --clientos=Windows <my-vpn>
>
> produces
>
> ...
> [SAML   ] Got all required SAML headers, done.
> IMPORTANT: We started with SAML auth to the portal interface, but received a 
> cookie that's often associated with the gateway interface. You should 
> probably try both.
>
> SAML response converted to OpenConnect command line invocation:
>
>     echo <cookie> |
>         sudo openconnect --protocol=gp '--user=<user>' --os=win 
> --usergroup=portal:prelogin-cookie --passwd-on-stdin <my-vpn>
> ...
> Portal set HIP report interval to 60 minutes).
> 8 gateway servers available:
>   US Southwest (us-southwest-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Northwest (us-northwest-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US West (us-west-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Southeast (us-southeast-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US East (us-east-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US South (us-south-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Northeast (us-northeast-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Central (us-central-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
> Please select GlobalProtect gateway.
> GATEWAY: [US Southwest|US Northwest|US West|US Southeast|US East|US South|US 
> Northeast|US Central]:fgets (stdin): Resource temporarily unavailable
>
> $ gp-saml-gui --portal -S --clientos=Windows <my-vpn> -- --authgroup='US 
> Central'
>
> produces
>
> ...
> Connected to HTTPS on <my-vpn> with ciphersuite (TLS1.2)-(RSA)-(AES-256-GCM)
> Enter login credentials
> POST https://<my-vpn>/global-protect/getconfig.esp
> Portal set HIP report interval to 60 minutes).
> 8 gateway servers available:
>   US Southwest (us-southwest-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Northwest (us-northwest-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US West (us-west-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Southeast (us-southeast-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US East (us-east-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US South (us-south-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Northeast (us-northeast-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
>   US Central (us-central-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com)
> Please select GlobalProtect gateway.
> POST 
> https://us-central-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com/ssl-vpn/prelogin.esp?tmp=tmp&clientVer=4100&clientos=Windows
> Connected to <ip>
> SSL negotiation with us-central-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com
> Connected to HTTPS on 
> us-central-g-universi.gpo2ojjg5cnn.gw.gpcloudservice.com with ciphersuite 
> (TLS1.2)-(RSA)-(AES-256-GCM)
> Enter login credentials
> prelogin-cookie:
> fgets (stdin): Inappropriate ioctl for device
>
> Any hints on getting openconnect to work with <my-vpn> will be gratefully 
> received.

_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel

Reply via email to