Hi, What's the "right way" to debug the following? (Log below is _not_ -vvv, etc.) Basically, the VPN works for a bit, goes in-and-out, and then fails.
<snip> SAML REDIRECT authentication in progress prelogin-cookie: POST https://vpn.example.com/ssl-vpn/login.esp GlobalProtect login returned authentication-source=gp-azure-sso-saml-auth-1 GlobalProtect login returned usually-equals-4=4 GlobalProtect login returned usually-equals-unknown=unknown POST https://vpn.example.com/ssl-vpn/getconfig.esp Tunnel timeout (rekey interval) is 180 minutes. Idle timeout is 180 minutes. No MTU received. Calculated 1422 for ESP tunnel POST https://vpn.example.com/ssl-vpn/hipreportcheck.esp Trying to run HIP Trojan script '/usr/libexec/openconnect/hipreport.sh'. HIP script '/usr/libexec/openconnect/hipreport.sh' completed successfully (report is 4326 bytes). POST https://vpn.example.com/ssl-vpn/hipreport.esp HIP report submitted successfully. ESP session established with server ESP tunnel connected; exiting HTTPS mainloop. Configured as READACTEDIPV4NUMBER1, with SSL disconnected and ESP established Session authentication will expire at Fri, 02 Aug 2024 11:02:56 CDT VPN now accessible through 'ssh fec0::1' Using vhost-net for tun acceleration, ring size 32 ESP detected dead peer Failed to connect ESP tunnel; using HTTPS instead. SSL negotiation with vpn.example.com Connected to HTTPS on vpn.example.com with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) GPST Dead Peer Detection detected dead peer! POST https://vpn.example.com/ssl-vpn/getconfig.esp SSL negotiation with vpn.example.com Connected to HTTPS on vpn.example.com with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) Tunnel timeout (rekey interval) is 180 minutes. Idle timeout is 180 minutes. POST https://vpn.example.com/ssl-vpn/hipreportcheck.esp ESP session established with server ESP tunnel connected; exiting HTTPS mainloop. ESP detected dead peer Failed to connect ESP tunnel; using HTTPS instead. Failed to reconnect to host vpn.example.com: Connection timed out POST https://vpn.example.com/ssl-vpn/logout.esp Failed to reconnect to host vpn.example.com: Connection timed out Failed to open HTTPS connection to vpn.example.com Logout failed. Unrecoverable I/O error; exiting. Thanks for the help. Regards, Karl <k...@karlpinc.com> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
