Hello everyone, here is another trace from an IOS router: POST / HTTP/1.1 Cache-Control: no-cache Connection: close Pragma: no-cache Host: lync.gmvl.de User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win Content-Length: 564 <?xml version="1.0" encoding="UTF-8"?> <config-auth client="vpn" type="init" aggregate-auth-version="2"> <version who="vpn">3.1.05152</version> <device-id device-type="Intel Pentium Processors= 4 x86" platform-version="6.1.7601 Service Pack 1" unique-id="B2B563176DCDE1E541C743464446CCC939B98C0E8CD59E8752E8B2814411EEBA">win</device-id> <mac-address-list> <mac-address>00-24-d7-11-74-00</mac-address> <mac-address>00-26-2d-fc-e4-1e</mac-address></mac-address-list> <group-select>full</group-select> <group-access>https://lync.gmvl.de</group-access> </config-auth> HTTP/1.1 303 See Other Content-Type: text/html Content-Length: 0 Location: https://lync.gmvl.de:443/webvpn.html Set-Cookie: webvpncontext=00 at tonline; path=/; Secure Connection: Keep-Alive GET /webvpn.html HTTP/1.1 Cache-Control: no-cache Connection: close Pragma: no-cache Cookie: webvpncontext=00 at tonline; Host: lync.gmvl.de:443 User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win HTTP/1.1 200 OK Cache-Control: max-age=0 Content-Type: text/html Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure Set-Cookie: webvpncontext=00 at tonline; path=/; Secure X-Transcend-Version: 1 Content-Length: 473 Connection: close <?xml version="1.0" encoding="UTF-8"?> <auth id="main"> <title>Default Customization</title> <message>Please enter your username and password.</message> <form method="post" action="webvpn.html"> <input type="text" label="USERNAME:" name="username" value="" /> <input type="password" label="PASSWORD:" name="password" value="" /> <input type="submit" name="Login" value="Login" /> <input type="reset" name="Clear" value="Clear" /> </form> </auth> POST /webvpn.html HTTP/1.1 Cache-Control: no-cache Connection: Close Pragma: no-cache Cookie: webvpncontext=00 at tonline; Host: lync.gmvl.de:443 User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win Content-Length: 37 password=password&username=sithglan HTTP/1.1 200 OK Cache-Control: max-age=0 Content-Type: text/html Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure Set-Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; path=/; Secure Set-Cookie: webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&; path=/; Secure X-Transcend-Version: 1 Content-Length: 130 Connection: close <?xml version="1.0" encoding="UTF-8"?><auth id="success"><title>SSL VPN Service</title><message>Success</message><success/></auth> GET /CACHE/webvpn/stc/1/index.html HTTP/1.1 Cache-Control: no-cache Connection: Close Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&; Host: lync.gmvl.de:443 User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win HTTP/1.1 200 OK Server: cisco-IOS Connection: close Content-Length: 5548 Content-Type: text/html Cache-Control: max-age=0 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link rel="stylesheet" type="text/css" href="style.css" /> <meta name="expires" content="Sat, 01 Jan 2000 24:00:00 GMT"/> <title>Installation</title> <script type="text/javascript" language="JavaScript1.1" src="binaries/pkginit.js"></script> <script type="text/javascript" language="JavaScript1.1" src="binaries/main.js"></script> <script type="text/javascript" language="JavaScript1.1" src="strings.js"></script> <script type="text/javascript" language="JavaScript1.1"> function openTipsWindow() { var x = 310; window.open('tips.htm', 'tips', 'width=' + x + ',scrollbars=yes,toolbar=no,directories=no,' + 'status=no,menubar=no,top=0,screenY=0,resizable,' + 'left=' + (screen.width - x) + ',screenX=' + (screen.width - x)); } < 2014/01/11 23:10:19.190547 length=1016 from=1016 to=2031 function skipToManualInstall() { iStatus=-70; Launch(); } // preload images var preloadedImgs = new Array(); preloadedImgs[0] = new Image(100, 75); preloadedImgs[0].src = "images/company-logo.png"; preloadedImgs[1] = new Image(24, 24); preloadedImgs[1].src = "images/anyconnect-24.png"; preloadedImgs[2] = new Image(160, 67); preloadedImgs[2].src = "images/buttons.gif"; preloadedImgs[3] = new Image(282, 88); preloadedImgs[3].src = "images/infobar.gif"; preloadedImgs[3] = new Image(172, 14); preloadedImgs[3].src = "images/loading.gif"; preloadedImgs[4] = new Image(498,75); preloadedImgs[4].src = "images/header.jpg"; </script> </head> <body onload='loadPackage();'> <div align="center"> <table width="500" border="0" cellpadding="0" cellspacing="0" class="cuesHeaderBg wizard"> <tr> <td colspan="2" style="border-bottom: 1px solid #666666;" class="cuesHeaderTitleLogo"> <img id="companylogo" src="images/company-logo.png" align="absmiddle" title="Cisco Logo" alt="Cisco Logo" width="100" height="75">AnyConnect Secure Mobility Client </td> </tr> <tr> <td class="cuesWizardStepPanel"> <table border="0" cellpadding="0" cellspacing="0" class="wizard-steps-title"> <tr> <td class="cuesWizardIcon"> <img src="images/anyconnect-24.png" border="0" alt="AnyConnect Icon" title="AnyConnect Icon" width="24" height="24" /> </td> <td class="cuesWizardTitle">WebLaunch</td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0" width="100%" class="wizard-steps"> <tr> <td id="state1no" class="cuesWizardStepSelectedNo"><input id="state1check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state1dash" class="cuesWizardStepSelectedDash">-</td> <td id="state1phase" class="cuesWizardStepSelected">Platform Detection</td> </tr> <tr> <td id="state10no" class="cuesWizardStepFutureNo"><input id="state10check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state10dash" class="cuesWizardStepFutureDash">-</td> <td id="state10phase" class="cuesWizardStepFuture">ActiveX</td> </tr> <tr> <td id="state20no" class="cuesWizardStepFutureNo"><input id="state20check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state20dash" class="cuesWizardStepFutureDash">-</td> <td id="state20phase"class="cuesWizardStepFuture">Java Detection</td> </tr> <tr> <td id="state40no" class="cuesWizardStepFutureNo"><input id="state40check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state40dash" class="cuesWizardStepFutureDash">-</td> <td id="state40phase" class="cuesWizardStepFuture">Java</td> </tr> <tr> <td id="state70no" class="cuesWizardStepFutureNo"><input id="state70check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state70dash" class="cuesWizardStepFutureDash">-</td> <td id="state70phase" class="cuesWizardStepFuture">Download</td> </tr> <tr> <td id="state100no" class="cuesWizardStepFutureNo"><input id="state100check" type="checkbox" tabindex="-1" disabled="true"/></td> <td id="state100dash" class="cuesWizardStepFutureDash">-</td> <td id="state100phase" class="cuesWizardStepFuture">Connected</td> </tr> </table> </td> <td class="cuesWizardContent"> <div id="cuesWizardStepTitle">Platform Detection</div> <div id="cuesWizardContentBody" style="height:180"> <div id="idDivMessage" name="idDivMessage">The installer is detecting your operating system and CPU. Please wait...</div> </div> <div id="cuesWizardContentNavButtons"> <input id="helpButton" type="Submit" value="Help" class="cuesButton" onclick="openTipsWindow(); return false" onkeypress="openTipsWindow(); return false"/> <input id="manualInstallButton" type="button" value="Download" class="cuesWizardCancelButton" onclick="skipToManualInstall(); return false" onkeypress="skipToManualInstall(); return false"/> </div> </td> </tr> </table> </div> <iframe id="idiFrameMain" name="idiFrameMain" border="0" src="empty.html" width="20" height="0" MarginHeight="0" MarginWidth="0" FrameBorder="0"></iframe> <div id="idDivMain" name="idDivMain" style="position:relative"></div> </body> </html> GET /CACHE/webvpn/stc/1/Windows HTTP/1.1 Cache-Control: no-cache Connection: Close Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&; Host: lync.gmvl.de:443 User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win HTTP/1.1 200 OK Server: cisco-IOS Connection: close Content-Length: 0 Cache-Control: max-age=0 GET /CACHE/webvpn/stc/1/binaries/update.txt HTTP/1.1 Cache-Control: no-cache Connection: Close Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline;webvpnc=p:t&bu:/CACHE/webvpn/stc/&iu:1/&sh:9C6A0C3F094BCC96EA12D8F98FB12772C64C0DDC&; Host: lync.gmvl.de:443 User-Agent: AnyConnect Windows 3.1.05152 X-Transcend-Version: 1 X-Aggregate-Auth: 1 X-AnyConnect-Platform: win HTTP/1.1 200 OK Server: cisco-IOS Connection: close Content-Length: 11 Content-Type: text/plain Cache-Control: max-age=0 3,1,05152 GET /CACHE/webvpn/stc/1/VPNManifest.xml HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; Host: lync.gmvl.de User-Agent: AnyConnect Downloader 3.1.05152 HTTP/1.1 200 OK Server: cisco-IOS Content-Length: 1727 Content-Type: text/xml Cache-Control: max-age=0 <?xml version="1.0" encoding="UTF-8"?> <vpn rev="1.0"> <file version="3.1.05152" id="VPNCore" is_core="yes" type="exe" action="install"> <uri>binaries/anyconnect-win-3.1.05152-web-deploy-k9.exe</uri> <display-name>AnyConnect Secure Mobility Client</display-name> </file> <file version="3.1.05152" id="gina" is_core="no" type="exe" action="install" module="vpngina"> <uri>binaries/anyconnect-gina-win-3.1.05152-web-deploy-k9.exe</uri> <display-name>AnyConnect SBL</display-name> </file> <file version="3.1.05152" id="DART" is_core="no" type="msi" action="install" module="dart"> <uri>binaries/anyconnect-dart-win-3.1.05152-k9.msi</uri> <display-name>AnyConnect DART</display-name> </file> <file version="3.1.05152" id="NAM" is_core="no" type="msi" action="install" module="nam"> <uri>binaries/anyconnect-nam-win-3.1.05152-k9.msi</uri> <display-name>AnyConnect Network Access Manager</display-name> </file> <file version="3.1.05152" id="WebSecurity" is_core="no" type="exe" action="install" module="websecurity"> <uri>binaries/anyconnect-websecurity-win-3.1.05152-web-deploy-k9.exe</uri> <display-name>AnyConnect Web Security</display-name> </file> <file version="3.1.05152" id="Posture" is_core="no" type="msi" action="install" module="posture"> <uri>binaries/anyconnect-posture-win-3.1.05152-web-deploy-k9.msi</uri> <display-name>AnyConnect Posture</display-name> </file> <file version="3.1.05152" id="Telemetry" is_core="no" type="exe" action="install" module="telemetry"> <uri>binaries/anyconnect-telemetry-win-3.1.05152-web-deploy-k9.exe</uri> <display-name>AnyConnect Telemetry</display-name> </file> </vpn> GET /+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; Host: lync.gmvl.de User-Agent: AnyConnect Downloader 3.1.05152 HTTP/1.1 404 Not Found Date: Sat, 11 Jan 2014 22:10:21 GMT Content-Length: 0 Content-Type: text/html Connection: Keep-Alive GET /+CSCOT+/translation-table?type=mst-manifest&textdomain=AnyConnect HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; Host: lync.gmvl.de User-Agent: AnyConnect Downloader 3.1.05152 HTTP/1.1 404 Not Found Date: Sat, 11 Jan 2014 22:10:21 GMT Content-Length: 0 Content-Type: text/html Connection: Keep-Alive GET /+CSCOT+/oem-customization?app=AnyConnect&type=manifest&platform=win HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline; Host: lync.gmvl.de User-Agent: AnyConnect Downloader 3.1.05152 HTTP/1.1 404 Not Found Date: Sat, 11 Jan 2014 22:10:21 GMT Content-Length: 0 Content-Type: text/html Connection: Keep-Alive CONNECT /CSCOSSLC/tunnel HTTP/1.1 Host: lync.gmvl.de User-Agent: Cisco AnyConnect VPN Agent for Windows 3.1.05152 Cookie: webvpn=00 at 1311721029@00002 at 3598467018@1615302194 at tonline X-CSTP-Version: 1 X-CSTP-Hostname: lenovo X-CSTP-MTU: 1299 X-CSTP-Address-Type: IPv6,IPv4 X-CSTP-Local-Address-IP4: 192.168.0.249 X-CSTP-Base-MTU: 1400 X-CSTP-Remote-Address-IP4: 1.2.3.4 X-CSTP-Full-IPv6-Capability: true X-DTLS-Master-Secret: secret X-DTLS-CipherSuite: AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA X-DTLS-Accept-Encoding: lzs X-DTLS-Header-Pad-Length: 0 X-CSTP-Accept-Encoding: lzs,deflate X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc. HTTP/1.1 200 OK Server: Cisco IOS SSLVPN X-CSTP-Version: 1 X-CSTP-Address: 10.50.0.2 X-CSTP-Netmask: 255.255.255.0 X-CSTP-Keep: true X-CSTP-DNS: 8.8.8.8 X-CSTP-NBNS: 1.2.3.4 X-CSTP-Lease-Duration: 43200 X-CSTP-MTU: 1299 X-CSTP-Default-Domain: gmvl.de X-CSTP-Split-Exclude: 0.0.0.0/255.255.255.255 X-CSTP-Rekey-Time: 3600 X-CSTP-Rekey-Method: new-tunnel X-CSTP-DPD: 3600 X-CSTP-Disconnected-Timeout: 2100 X-CSTP-Idle-Timeout: 2100 X-CSTP-Session-Timeout: 0 X-CSTP-Keepalive: 30 X-DTLS-Session-ID: whatever X-DTLS-Port: 443 X-DTLS-CipherSuite: AES256-SHA X-DTLS-DPD: 3600 X-DTLS-KeepAlive: 30 X-DTLS-Rekey-Time: 3600 Cheers, Thomas
