I can establish an openconnect session just fine, but clicking on certain internal websites or uploading files causes it to die. The message in the logs when it dies is: 2013-05-07T16:05:44.412857-07:00 dabdike openconnect[31278]: Attempting to connect to 199.115.105.249:443 2013-05-07T16:05:44.426232-07:00 dabdike openconnect[31278]: SSL negotiation with wavpn.sw.ru 2013-05-07T16:05:44.468655-07:00 dabdike openconnect[31278]: Connected to HTTPS on wavpn.sw.ru 2013-05-07T16:05:44.484071-07:00 dabdike openconnect[31278]: Got CONNECT response: HTTP/1.1 200 OK 2013-05-07T16:05:44.486165-07:00 dabdike openconnect[31278]: CSTP connected. DPD 30, Keepalive 20 2013-05-07T16:05:44.534758-07:00 dabdike openconnect[31278]: Connected vpn0 as 10.10.65.251, using SSL 2013-05-07T16:05:53.035643-07:00 dabdike openconnect[31278]: DTLS handshake failed: 2 2013-05-07T16:06:20.168218-07:00 dabdike openconnect[31278]: SSL wrote too few bytes! Asked for 654, sent 0 2013-05-07T16:06:20.171367-07:00 dabdike openconnect[31278]: Send BYE packet: Internal error 2013-05-07T16:06:20.172621-07:00 dabdike openconnect[31278]: SSL_write failed: 1 2013-05-07T16:06:20.173937-07:00 dabdike openconnect[31278]: 140673877575400:error:1409F07F:SSL routines:SSL3_WRITE_PENDING:bad write retry:s3_pkt.c:871: The DTLS handshake failed looks like a red herring because that fills my logs even if the connection is successful: 2013-05-07T16:17:13.001040-07:00 dabdike openconnect[31655]: DTLS handshake failed: 1 2013-05-07T16:17:13.032813-07:00 dabdike openconnect[31655]: 140411814278888:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert handshake failure:d1_pkt.c:1166:SSL alert number 40 If I lower the MTU of vpn0 to 499 instead of the default 999, the connection doesn't break nearly as frequently. James
