On 01/11/2014 08:42 PM, Thomas Glanzmann wrote: > Hello, > Server: > HTTP/1.1 200 OK > Connection: Keep-Alive > Content-Type: text/xml > Content-Length: 213 > X-Transcend-Version: 1 > <?xml version="1.0" encoding="UTF-8"?> > <auth id="main"> > <message>Please enter your password</message> > <form method="post" action="/auth"> > <input type="password" name="password" label="Password:" /> > </form></auth> > > Client: > POST /auth HTTP/1.1 > Cache-Control: no-cache > Connection: Close > Pragma: no-cache > User-Agent: AnyConnect Windows 3.0.07059 > X-Transcend-Version: 1 > X-Aggregate-Auth: 1 > X-AnyConnect-Platform: win > Content-Length: 19 > Host: lync.gmvl.de > > password=password > > HTTP/1.1 200 OK > Connection: Keep-Alive > Content-Type: text/xml > Content-Length: 209 > X-Transcend-Version: 1 There is something fishy at this point. Could you try the current version from repository? It wouldn't fix the issue but at least it has some debugging to trace the issue down (use only -d for debugging). > <?xml version="1.0" encoding="UTF-8"?> > <auth id="main"> > <message>Please enter your username</message> > <form method="post" action="/auth"> > <input type="text" name="username" label="Username:" /> > </form></auth> > What I don't like here is that it is just using a post but on [1] it says it > should use a format similiar to: > <config-auth client="vpn" type="auth-reply"> > <version who="vpn">v5.01</version> > <device-id>linux-64</device-id> > <auth><username>test</username></auth> > </config-auth> The format you see on the wire is from an older version of the anyconnect protocol. Either you client is old, or it has detected the server as old and uses the old format. Nevertheless, that shouldn't cause any issue. regards, Nikos
