On Tue, Aug 3, 2021 at 9:08 AM Antonio Petrelli <antonio.petre...@gmail.com> wrote: > > Hello again > From now on, the edited values are between <angle-brackets>, but the > rest is literal.รน > Ok after login, I land on a page that says "Connect to VPN". > > Clicking on it this request is sent: > > GET /vdesk/get_token_for_sessid.php3 HTTP/1.0 > Host: <corporate-vpn-host-name> > User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) > Gecko/20100101 Firefox/90.0 > Accept: */* > Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3 > Accept-Encoding: gzip, deflate, br > DNT: 1 > Connection: keep-alive > Referer: > https://<corporate-vpn-host-name>/vdesk/webtop.eui?webtop=/Common/Portal_<CORPORATE-VPN-HOST-NAME-IN-UPPERCASE>_Webtop&webtop_type=webtop_full > Cookie: LastMRH_Session=<4-bytes-hex-encoded>; TIN=66000; > MRHSession=<MRHSession-Cookie>; F5_ST=<F5-ST-Cookie>; F5_fullWT=1 > Sec-Fetch-Dest: empty > Sec-Fetch-Mode: cors > Sec-Fetch-Site: same-origin
Since you've already arrived at the "webtop" interface, you've already completed the login process and you already have the credential (the cookie named 'MRHSession') which OpenConnect requires to be able to actually configure and connect to the VPN tunnel. I believe you should be able to simply capture the value of <MRHSession-Cookie> (using the browser dev tools), and then run OpenConnect as follows: openconnect --dump -vvvv --prot=f5 \ --cookie "MRHSession=<MRHSession-Cookie>" \ <corporate-vpn-host-name> (Important: do NOT close the browser window before running this command; that may cause it to logoff the session and invalidate the cookie) I'll wager 70% odds that this Just Works. If that doesn't work, then I guess we'll have to figure out what the "token" and "access-session-token" values mean, and how they get used by the f5vpn binary. Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel