That works great on Android now. Thanks, Nikos. On iOS client, it still fails at infinite username prompt, log: ocserv[14809]: [MYIP]:61337 accepted connection ocserv[14809]: GnuTLS error (at worker-vpn.c:571): The TLS connection was non-properly terminated. ocserv[14807]: [MYIP]:61337 command socket closed tls-debug log: http://pastebin.com/9SAjZJ79 iOS client complains : No valid certificates available for authentication. Which Cisco doc said: "The secure gateway did not accept any of the certificates AnyConnect provided. No more certificates remain." On Tue, Dec 10, 2013 at 5:14 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > On Tue, 2013-12-10 at 04:11 +0800, Karl wrote: >> No luck. >> error verifying client certificate: No >> certificate was found. >> ocserv[13873]: sec-mod received request from pid 13878 and uid 65534 >> ocserv[13878]: [MYIP]:37082 TLS handshake completed >> ocserv[13878]: [MYIP]:37082 sending cookie authentication request >> ocserv[13872]: [MYIP]:37082 user 'user' presented a certificate from user '' > > I think we are getting closer though (you may try again). > > regards, > Nikos > >
