Hello, sorry but I've been on holidays, so I apologize for my slow response too :-D
Il giorno mer 11 ago 2021 alle ore 02:42 Daniel Lenski <dlen...@gmail.com> ha scritto: > f5-vpn://<corporate-vpn-host-name>?server=<corporate-vpn-host-name>&resourcename=/Common/SSL_VPN_Portal_Import-<id-variable-part>&resourcetype=network_access&cmd=launch&protocol=https&port=443&sid=nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn&token=<some-hex-encoded-value>&otc=<access-session-token> > > Can you confirm that the value of the 'sid' field in the f5-vpn:// URI > precisely matches the value of the MRHSession cookie sent in the > get_token_for_sessid.php3 request seen in the browser login? My > expectation is YES, they should be identical. SID appears to be one of > the many names used inconsistently for this 32-hex-digit value. No, the sid value is literally nnnn...., this is pretty strange... > > What to do now? > > Do a MITM capture of the f5vpn binary, and figure out what request(s) > it sends involving the access-session-token value. I managed to do it on 5th August, but then I went on holidays, so here you can see the conversation log I managed to take: https://pastebin.com/BpKWJDfL The cool thing is that some of the parameters that are sent to f5vpn via the f5-vpn://... URL seem not to be used, such as "sid". I have some doubts about the ${f5stNotSetAnywhere} cookie, since it seems not to be set anywhere... Let me know your thoughts. Thanks Antonio _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel