On Tue, Jul 30, 2024 at 11:47 AM Benjamin Cardon <bj.car...@gmail.com> wrote: > > Hi, my company has a GlobalProtect VPN and I've been successfully > using it using GPopen and openconnect for years.
What is GPopen? > A few months ago, they changed something in our network or VPN that is > causing the VPN to fail to connect via ESP when I'm in our office, though it > works perfectly fine outside the office network. I have tried to figure out > what exactly is preventing ESP from starting up and the only thing I can > really see in the logs that is different between in the office versus out of > the office is this log > > Jul 30 11:06:33 xps15 plasmashell[3116179]: 2024-07-30 11:06:33.467 > INFO [3116179] [GPClient::onVPNLogAvailable@518] ESP receive error: > Connection refused > > My question is, what does this log line imply and where is the connection > being refused from? Find and provide additional context, and then we'll both have a better idea of what's going on. As Karl Pinc wrote, run the OpenConnect command-line client with `-vvv --dump-http-traffic` and share the logs from that, particularly log messages about ESP configuration. > Is it just UDP packets to the gateway address? Prior to this, it does do a > handshake using Okta to sign in which works just fine so it's transferring > the ESP packets explicitly that seems to be the problem. To me, this suggests > a network configuration/firewall issue but I need more info to tell our > networking team what to investigate. It is *likely* that some kind of middlebox is preventing UDP packets from getting through in the non-working network environment, but there are other possibilities as well. _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
