Any news on this one?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Openconnect will not connect under Saucy -- openssl problem?
To manage notifications about this bug go to:
Friedemann, as far as I can tell the original bug reported here was
fixed with version 5.02-1. If you are experiencing problems with
OpenConnect in a currently supported Ubuntu release or in the current
development release, please open a new bug report. See
Just FYI. With 14.04 I can connect to vpn server, but I found ssh to
internal servers didn't work, nor opened https website. It turns out the
MTU of vpn server hasn't been honored by openconnect anymore, you can
see below X-CSTP-MTU: 1347, while it's set to X-DTLS-MTU: 1418, after
change vpn
For what it's worth, I just manually downloaded the 5.02 packages and
installed them on a Linux Mint 16 laptop. It didn't work after I first
installed the packages but after a reboot it worked. I'm guessing the
network-manager was hanging on to the 5.01 lib files somewhere.
--
You received this
For what it's worth, as the original version the patched version has
worked perfectly fine for me under Ubuntu 13.10, and I'd used it several
times under pre-release versions of Ubuntu 14.04 without problems.
Mike
--
You received this bug notification because you are a member of Ubuntu
Bugs,
@toby-murray : My bad -- I didn't mean to steal your FWIW opening. Your
post reminded me to post back.
I haven't used Linux Mint, but if I recall correctly, you may be able to
force a dynamic library refresh by running ldconfig as root. That'll
change the dynamic library config, and might have
and since it is not working for some of us, even with version 5.02, then
fix is not released. please change the status.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Openconnect will
I still can't connect without --no-xmlpost, and I can't seem to find a
way to make networkmanager to pass that argument to openconnect. one
would think since this is linux, there should be a config file for that,
but there isn't.
--
You received this bug notification because you are a member of
@Perham
Could you please post or email logs for both the --no-xmlpost and normal
cases, using the command line client v5.02?
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Ah, yes now I can connect to my gatway without --no-xmlpost (which was
not working with 5.01-1)
So... should I open a new bug or is anyone aware of existing one?
I use KDE NM applet...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hello,
I have installed 5.02-1 yet I still get the same problem.
With GUI I get this in log:
POST https://XXX/
Attempting to connect to server XXX:443
SSL negotiation with XXX
Connected to HTTPS on XXX
XML POST enabled
When I connect on command line with --no-xmlpost it works.
In syslog I
Jaceq, in your last comment you say that you can connect on the command
line with --no-xmlpost. Are you able to connect to your gateway on the
command line without adding the --no-xmlpost option using 5.02-1?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
On Wed, 2014-01-22 at 13:35 +, Jaceq wrote:
Jan 22 14:31:05 HP NetworkManager[844]: info VPN plugin state
changed: init (1)
Jan 22 14:31:36 HP NetworkManager[844]: error [1390397496.727336]
[nm-vpn-connection.c:1374] get_secrets_cb(): Failed to request VPN
secrets #3: (6) No agents were
** Branch linked: lp:debian/openconnect
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Openconnect will not connect under Saucy -- openssl problem?
To manage notifications about this
This bug was fixed in the package openconnect - 5.02-1
---
openconnect (5.02-1) unstable; urgency=medium
* New upstream release.
- Temporarily disable XML POST if an authgroup dropdown exists.
(LP: #1229195)
* doc-remove-footer.patch: Remove footer from HTML doc
And the one that doesn't... The values of several fields have been
altered, but I attempted to do so consistently, so you should be able to
figure it out.
** Attachment added: log2.txt
https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1229195/+attachment/3937985/+files/log2.txt
--
Here's the one that works...
** Attachment added: log1.txt
https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1229195/+attachment/3937984/+files/log1.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
@Cory
Basically there are two ways the ASA administrator can allow clients to
select an authgroup (aka tunnel-group, aka Connection Profile):
1) Set up a group-alias for the tunnel-group, and turn on tunnel-group-
list to show the dropdown menu:
ciscoasa(config-webvpn)# show run webvpn
Kevin, I've been away on vacation for two weeks. Sorry for the delay in
responding. What I really know is that the --no-xmlpost option fixed it
somehow. I assumed it was related to the code that I looked at briefly
that you appear to have also found restricting to auth group to the
choices
What I really know is that the --no-xmlpost option fixed it somehow.
Could you please post the output from running:
openconnect --no-xmlpost --dump-http-traffic SERVER
openconnect --dump-http-traffic SERVER
No need to actually log in - the forms will suffice.
--
You received this bug
Cory: By looking at the code in auth.c, it appears that the user
supplied authgroup is now validated against the list returned from the
server as part of the xmlpost code. Adding --no-xmlpost corrects the
problem because there's no list to validate against.
The current --authgroup implementation
I don't know if this should be a separate ticket, but I also have a
confirmed case where --no-xmlpost corrects the problem. I need to
specify --authgroup XXX where XXX is NOT one of the valid options listed
in the response from the sever. The server probably shouldn't be setup
that way, but
I need to specify --authgroup XXX where XXX is NOT one of the valid
options listed in the response from the sever. The server probably
shouldn't be setup that way, but it's not under my control.
Does this server work with the Cisco AnyConnect clients, or only
OpenConnect?
Perhaps it breaks on
Kevin Cernekee asked whether this works with Cisco AnyConnect clients.
Apparently the Cisco clients will allow you to type in a value that does
not appear in the drop-down menu (I know of others using this client,
but I am not.) It's possible that this connection configuration will be
broken when
Is there a fix coming for the network-manager-openconnect so that I can
connect via the GUI and know VPN status?
I have to use the --no-xmlpost option on the command line, otherwise I
get placed in the first GROUP. Problem is commandline requires me to
enter my group and username and password
Would it be possible for someone to provide some instructions for
running openconnect from the command line?
There are some relative noobs who are not sure how to do this exactly
and who find the instructions from the terminal and here
(http://www.infradead.org/openconnect/manual.html) a little
Hi MorrisseyJ
Try this from the command line - you need root or sudo here
sudo openconnect --no-proxy https://gateway
Regards
Cherif
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Wonderful, thanks.
James.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Openconnect will not connect under Saucy -- openssl problem?
To manage notifications about this bug go to:
Just a word to let you knoy I really love the work you are doing!
After updating from raring to saucy, I was having the same error and now
it works OK with the --no-xmlpost option
This is the verbose version of the error I was getting:
phe@sanlap:~$
phe@sanlap:~$
phe@sanlap:~$ sudo
Steve, I can confirm that my problem does not require anything more than
the FQDN -- it's a straight shot to somethingvpn.something.com, not
somethingvpn.something.com/something. I also tried a connect via IP address
and that didn't work.
Dumb question, and (presumably) not directly related to
With regards to network-manager, no apt-get should not pull in network-
manager components for the openconnect package.
If you want plain openconnect from the command line, which is perfectly
suitable for many, install the openconnect package.
If you want Unity or GNOME network-manager VPN
Changing status back to confirmed since it is being called a bug if the
--no-xmlpost option is required to connect successfully.
** Changed in: openconnect (Ubuntu)
Status: Incomplete = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Running openconnect --no-xmlpost myvpnserver.com/vpn in the terminal
works for me too. So for me the ones that work in Saucy/5.01 allow you
to land on the FQDN or IP address. The ones that require a true URL
(vpn.com/vpn) fail unless the --no-xmlpost option is used.
--
You received this bug
running openconnect --no-xmlpost myvpnserver in the terminal works for
me too
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
Openconnect will not connect under Saucy -- openssl
From the --dump-http output, it seems that the XML transaction is
selecting incorrect tunnel-group and group-alias.
I attempted to patch a --no-xmlpost option into network-manager-
openconnect, but in the process I figured out a strange workaround...
I am currently instructing my Ubuntu 13.10
I attempted to patch a --no-xmlpost option into network-manager-
openconnect
FWIW, I submitted a patch[1] to add an openconnect_set_xmlpost() library
function (for unrelated reasons tied to CSD/Hostscan). So on the GUI
side you would just need a checkbox in the glade xml, code to
OK, so maybe we need to merge this with bug 1202204, or at least refer.
But per http://www.infradead.org/openconnect/manual.html , the need for
this is a bug. Does it make sense to distribute this with a bug, with no
GUI workaround, as the default?
--
You received this bug notification because
Good to see that specifying the --no-xmlpost option solves this problem
for you. Is that an acceptable solution for you?
If you are running openconnect via the NetworkManager connection tool,
this option is not yet exposed in the connection editor. So you'll have
to use openconnect on the command
Preface: I've had this problem with the one server, but VMs on two
different machines and one Xubuntu machine.
4) Yes, it works if I compile openconnect 4.08 from source. When I
compile openconnect 5 from source using gnutls, I get the identical
error as the Ubuntu-distributed version. Oddly,
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Unfortunately I am unable to reproduce this connection
failure with this version of openconnect and the VPN gateway that I use.
There is definitely not the speculated problem with the OpenSSL library
as compiled
Also
4) Are you still able to connect to the VPN gateway using an older
version of openconnect? Either using an earlier Ubuntu release or by
compiling an older version of openconnect from source?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openconnect (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1229195
Title:
I get the same problem if I compile 5.01 manually by forcing GnuTLS
(configure with options including --with-gnutls --without-openssl-
version-check).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
43 matches
Mail list logo