Hi, I just spend my day trying to get openconnect to work with windows (using cygwin). I may prepend: I successfully got a connection on linux, so the interoperability between openconnect and my vpn server should be save. unfortunately I have no access to this server. Here is what I've done so far: I first installed cygwin with these packages: openssl,openssl-devel,libopenssl098,make,libxml2,libxml2-devel,libiconv,libiconv2,automake,make,gcc4. I then cloned the latest git-revision and tried to compile. Of cause this failed :-( Then I looked at vpnc and tried to understand what has to be done differently with cygwin. I think most changes should appear in the tun.c-file, most other files should be platform-independent. So I wrote some code to open the tun-device (copied a log from vpnc). I finally managed to compile openconnect. When trying to connect to the server, first everything seems fine. I'm getting the usual connection-messages, I'm being asked for my credentials, and finally (in verbose-mode) I'm getting X-CSTP-Information from my network. So this seems to be fine. Then I'm being assigned an IP-Adress, and my vpnc-win-script manages to set these infos on my "TAP-Win32 Adapter V9". when looking at these information using ipconfig and route, everything seems to be fine. But I just can't manage to transfer any data. Unfortunately, I don't have access to the server, so I cannot do any logging on the server-side to validate if any packages arrive. I've attached my patched tun.c, a slightly modified ssl.c, the vpnc-connect-scripts for windows and a log from my connection. Unfortunately I'm a git-noob, so I don't know what would be the best way to provide these files in a git-conform-way. Any ideas on why I can't get any connection over the openconnect-tunnel? Best regards, orgler -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0001.html> -------------- next part -------------- $ ./openconnect.exe -v --script=./vpnc-script-win MY_SERVER_IP Attempting to connect to MY_SERVER_IP:443 SSL negotiation with MY_SERVER_IP Server certificate verify failed: self signed certificate Certificate from VPN server "MY_SERVER_IP" failed verification. Reason: self signed certificate Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on MY_SERVER_IP GET https://MY_SERVER_IP/ Got HTTP response: HTTP/1.1 302 Object Moved Server: Cisco AWARE 2.0 Content-Type: text/html; charset=UTF-8 Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Keep-Alive Date: Sun, 20 Feb 2011 18:23:04 GMT Location: /+webvpn+/index.html Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ HTTP body length: (0) GET https://MY_SERVER_IP/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Server: Virata-EmWeb/R6_2_0 Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ Set-Cookie: webvpnlogin=1 X-Transcend-Version: 1 HTTP body chunked (-2) Fixed options give Please enter your username and password. USERNAME:MY_USERNAME Password:wont_tell_this POST https://MY_SERVER_IP/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Server: Virata-EmWeb/R6_2_0 Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ Set-Cookie: webvpn=<elided>;PATH=/ Set-Cookie: webvpnc=SECRET :-) X-Transcend-Version: 1 HTTP body chunked (-2) Got CONNECT response: HTTP/1.1 200 OK X-CSTP-Version: 1 X-CSTP-Address: 10.115.1.232 X-CSTP-Netmask: 255.255.255.0 X-CSTP-DNS: correct... X-CSTP-DNS: correct... X-CSTP-NBNS: correct... X-CSTP-NBNS: correct... X-CSTP-Lease-Duration: 1209600 X-CSTP-Session-Timeout: none X-CSTP-Idle-Timeout: 1800 X-CSTP-Disconnected-Timeout: 1800 X-CSTP-Keep: true X-CSTP-DPD: 30 X-CSTP-Keepalive: 20 X-CSTP-MSIE-Proxy: bypass-local X-CSTP-MSIE-Proxy-Server: correct... X-CSTP-Smartcard-Removal-Disconnect: true X-CSTP-Content-Encoding: deflate X-DTLS-Session-ID: DON'T KNOW IF THIS IS SECRET 17A X-DTLS-Port: 443 X-DTLS-Keepalive: 20 X-DTLS-DPD: 30 X-CSTP-MTU: 1370 X-DTLS-CipherSuite: AES128-SHA CSTP connected. DPD 30, Keepalive 20 Device: LAN-Verbindung 2 TAP-Win32 Driver Version 9.8 Microsoft (R) Windows Script Host, Version 5.8 Copyright (C) Microsoft Corporation 1996-2001. Alle Rechte vorbehalten. VPN Gateway: MY_SERVER_IP Internal Address: 10.115.1.232 Internal Netmask: 255.255.255.0 Interface: "LAN-Verbindung 2" Configuring "LAN-Verbindung 2" interface... done. Configuring networks: Route configuration done. DTLS option X-DTLS-Session-ID : SECRET DTLS option X-DTLS-Port : 443 DTLS option X-DTLS-Keepalive : 20 DTLS option X-DTLS-DPD : 30 DTLS option X-DTLS-CipherSuite : AES128-SHA DTLS connected. DPD 30, Keepalive 20 Connected LAN-Verbindung 2 as 10.115.1.232, using SSL + deflate Sending compressed data packet of 344 bytes Sending compressed data packet of 42 bytes Sending compressed data packet of 42 bytes Sending compressed data packet of 342 bytes Sending compressed data packet of 42 bytes Sending compressed data packet of 42 bytes Sending compressed data packet of 42 bytes Sending compressed data packet of 54 bytes Sending compressed data packet of 54 bytes Sending compressed data packet of 66 bytes No work to do; sleeping for 16000 ms... Established DTLS connection Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 66 bytes; SSL_write() returned 67 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 62 bytes; SSL_write() returned 63 Sent DTLS packet of 528 bytes; SSL_write() returned 529 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 42 bytes; SSL_write() returned 43 No work to do; sleeping for 19000 ms... Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 70 bytes; SSL_write() returned 71 Sent DTLS packet of 476 bytes; SSL_write() returned 477 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 540 bytes; SSL_write() returned 541 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 556 bytes; SSL_write() returned 557 Sent DTLS packet of 485 bytes; SSL_write() returned 486 No work to do; sleeping for 18000 ms... Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 542 bytes; SSL_write() returned 543 Sent DTLS packet of 528 bytes; SSL_write() returned 529 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 165 bytes; SSL_write() returned 166 Sent DTLS packet of 167 bytes; SSL_write() returned 168 Sent DTLS packet of 171 bytes; SSL_write() returned 172 Sent DTLS packet of 175 bytes; SSL_write() returned 176 No work to do; sleeping for 16000 ms... Sent DTLS packet of 476 bytes; SSL_write() returned 477 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 66 bytes; SSL_write() returned 67 Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 66 bytes; SSL_write() returned 67 Sent DTLS packet of 42 bytes; SSL_write() returned 43 No work to do; sleeping for 16000 ms... Sent DTLS packet of 54 bytes; SSL_write() returned 55 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 540 bytes; SSL_write() returned 541 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 556 bytes; SSL_write() returned 557 Sent DTLS packet of 485 bytes; SSL_write() returned 486 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 542 bytes; SSL_write() returned 543 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 175 bytes; SSL_write() returned 176 No work to do; sleeping for 14000 ms... Sent DTLS packet of 528 bytes; SSL_write() returned 529 Sent DTLS packet of 165 bytes; SSL_write() returned 166 Sent DTLS packet of 167 bytes; SSL_write() returned 168 Sent DTLS packet of 171 bytes; SSL_write() returned 172 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 476 bytes; SSL_write() returned 477 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 540 bytes; SSL_write() returned 541 No work to do; sleeping for 12000 ms... Sent DTLS packet of 556 bytes; SSL_write() returned 557 Sent DTLS packet of 485 bytes; SSL_write() returned 486 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 66 bytes; SSL_write() returned 67 Sent DTLS packet of 66 bytes; SSL_write() returned 67 Sent DTLS packet of 219 bytes; SSL_write() returned 220 Sent DTLS packet of 243 bytes; SSL_write() returned 244 Sent DTLS packet of 542 bytes; SSL_write() returned 543 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 175 bytes; SSL_write() returned 176 No work to do; sleeping for 11000 ms... Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 219 bytes; SSL_write() returned 220 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 219 bytes; SSL_write() returned 220 Sent DTLS packet of 175 bytes; SSL_write() returned 176 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 42 bytes; SSL_write() returned 43 Sent DTLS packet of 219 bytes; SSL_write() returned 220 Sent DTLS packet of 42 bytes; SSL_write() returned 43 No work to do; sleeping for 7000 ms... -------------- next part -------------- A non-text attachment was scrubbed... Name: vpnc-script-win Type: application/octet-stream Size: 141 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0001.obj> -------------- next part -------------- A non-text attachment was scrubbed... Name: vpnc-script-win.js Type: application/x-javascript Size: 3016 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0001.js> -------------- next part -------------- A non-text attachment was scrubbed... Name: ssl.c Type: text/x-csrc Size: 29143 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0003.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: tap-win32.h Type: text/x-chdr Size: 3531 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0004.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: tun.c Type: text/x-csrc Size: 23121 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0005.bin>
