HI All I compiled ocserv and 0.3 on Fedora 64 Bit But Unable to connect from AnyConnect Windows & Android Clients to ocserv 0.3 Please help me My Log : ocserv[10211]: GnuTLS error (at worker-vpn.c:664): A TLS fatal alert has been received.: Unknown certificate ocserv[10209]: *.*.*.*:33542 main-misc.c:468: command socket closed ocserv[10212]: *.*.*.*:33543 accepted connection ocserv[10210]: sec-mod received request from pid 10212 and uid 0 ocserv[10212]: *.*.*.*:33543 sending message 'resume data store request' to main ocserv[10212]: *.*.*.*:33543 TLS handshake completed ocserv[10209]: *.*.*.*:33543 main received message 'resume data store request' of 258 bytes ocserv[10209]: *.*.*.*:33543 TLS session DB storing 11745f92c875d2a74ec94326a5c22b927fc7359b37ece7def0fbe86c0396a101 ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188 ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */* ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-ClientVersion: 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform: android ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-PlatformVersion: 4.1.1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType: rockchip ORIGIN A7 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Device-UniqueID: 8A1D1CF69D6123EDD781EB6D1F4CF112944018BE ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1 ocserv[10212]: *.*.*.*:33543 HTTP: Connection: close ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 326 ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type: application/x-www-form-urlencoded ocserv[10212]: *.*.*.*:33543 HTTP POST / ocserv[10212]: *.*.*.*:33543 POST body: '<?xml version="1.0" encoding="UTF-8"?> <config-auth client="vpn" type="init"> <device-id platform-version="4.1.1" device-type="rockchip ORIGIN A7" unique-id="8A1D1CF69D6123EDD781EB6D1F4CF112944018BE">android</device-id> <version who="vpn">3.0.09242</version> <group-access>https://142.4.201.188/</group-access> </config-auth> ' ocserv[10212]: *.*.*.*:33543 cannot find username in client XML message ocserv[10212]: *.*.*.*:33543 failed reading username ocserv[10212]: *.*.*.*:33543 sent sid: FhxWoohQAeM9NL9g ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188 ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */* ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity ocserv[10212]: *.*.*.*:33543 HTTP: Cookie: webvpncontext=FhxWoohQAeM9NL9g ocserv[10212]: *.*.*.*:33543 received sid: FhxWoohQAeM9NL9g ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-ClientVersion: 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform: android ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-PlatformVersion: 4.1.1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType: rockchip ORIGIN A7 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Device-UniqueID: 8A1D1CF69D6123EDD781EB6D1F4CF112944018BE ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1 ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 12 ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type: application/x-www-form-urlencoded ocserv[10212]: *.*.*.*:33543 HTTP POST /auth ocserv[10212]: *.*.*.*:33543 POST body: 'username=cmd' ocserv[10212]: *.*.*.*:33543 updating SID ocserv[10212]: *.*.*.*:33543 sending message 'auth init' to main ocserv[10209]: *.*.*.*:33543 main received message 'auth init' of 25 bytes ocserv[10209]: *.*.*.*:33543 auth init set SID to FhxWoohQAeM9NL9g ocserv[10209]: *.*.*.*:33543 auth init for user 'cmd' from '*.*.*.*:33543' ocserv[10209]: *.*.*.*:33543 sending message 'auth reply' to worker ocserv[10212]: *.*.*.*:33543 received auth reply message (value: 2) ocserv[10212]: *.*.*.*:33543 continuing authentication for '' ocserv[10212]: *.*.*.*:33543 HTTP: User-Agent: AnyConnect Android 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: Host: 142.4.201.188 ocserv[10212]: *.*.*.*:33543 HTTP: Accept: */* ocserv[10212]: *.*.*.*:33543 HTTP: Accept-Encoding: identity ocserv[10212]: *.*.*.*:33543 HTTP: Cookie: webvpncontext=FhxWoohQAeM9NL9g ocserv[10212]: *.*.*.*:33543 received sid: FhxWoohQAeM9NL9g ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-Transcend-Version: 1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-ClientVersion: 3.0.09242 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Platform: android ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-PlatformVersion: 4.1.1 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-DeviceType: rockchip ORIGIN A7 ocserv[10212]: *.*.*.*:33543 HTTP: X-AnyConnect-Identifier-Device-UniqueID: 8A1D1CF69D6123EDD781EB6D1F4CF112944018BE ocserv[10212]: *.*.*.*:33543 HTTP: X-Aggregate-Auth: 1 ocserv[10212]: *.*.*.*:33543 HTTP: Content-Length: 22 ocserv[10212]: *.*.*.*:33543 HTTP: Content-Type: application/x-www-form-urlencoded ocserv[10212]: *.*.*.*:33543 HTTP POST /auth ocserv[10212]: *.*.*.*:33543 POST body: 'password=Command%40110' ocserv[10212]: *.*.*.*:33543 sending message 'auth request' to main ocserv[10209]: *.*.*.*:33543 main received message 'auth request' of 13 bytes ocserv[10209]: *.*.*.*:33543 auth req for user 'cmd' ocserv[10209]: *.*.*.*:33543 accepting user 'cmd' ocserv[10209]: *.*.*.*:33543 auth deinit for user 'cmd' ocserv[10209]: *.*.*.*:33543 No user configuration for 'cmd' ocserv[10209]: *.*.*.*:33543 No group configuration for 'cmd' ocserv[10209]: *.*.*.*:33543 selected IP for 'cmd': 10.10.10.86 ocserv[10209]: *.*.*.*:33543 assigned IPv4 to 'cmd': 10.10.10.87 ocserv[10209]: *.*.*.*:33543 assigning tun device vpns0 ocserv[10209]: *.*.*.*:33543 user 'cmd' of group 'cmd' authenticated ocserv[10209]: *.*.*.*:33543 sending (socket) message 2 to worker ocserv[10212]: *.*.*.*:33543 received auth reply message (value: 1) ocserv[10212]: *.*.*.*:33543 user 'cmd' logged in ocserv[10219]: *.*.*.*:33544 accepted connection ocserv[10210]: sec-mod received request from pid 10219 and uid 0 ocserv[10219]: *.*.*.*:33544 sending message 'resume data store request' to main ocserv[10219]: *.*.*.*:33544 TLS handshake completedocserv[10209]: *.*.*.*:33544 main received message 'resume data store request' of 258 bytes ocserv[10209]: *.*.*.*:33544 TLS session DB storing 523a36cf8c88974058aeb0968cb97f4d55063ee7cfebd959aba78c2319f2f2e5 ocserv[10219]: *.*.*.*:33544 HTTP: User-Agent: AnyConnect Android 3.0.09242 ocserv[10219]: *.*.*.*:33544 HTTP: Host: 142.4.201.188 ocserv[10219]: *.*.*.*:33544 HTTP: Accept: */* ocserv[10219]: *.*.*.*:33544 HTTP: Cookie: webvpn=BOOmbLR8/PR3409+pc8fh6Ejm3obaoZe0SY/W1Z/1im68xNU9T2Mp4AnzzkC82sS0//klcWZBt3BI8o0Zz6rx2i1AVARTZlsBCbzwzCHeEz3V8KSEhRJbc/OiZWQ1tNFz6v9l9BgfNd08tVw8hhXEGqLYRzH/r3Z7ltc+oKjahTaGSx6s6SyNici2EZ0alyhlIVNW4CzFIMSM4NK6Fbl139EGxq+0UGnFgRKrvjRvnqeR5Jz6rJSBN96keCbuAb+BQG1QAEbdZFQq5eP+V5fPiJkr2IpxPabRGjJ4yGfWFnouXseZmVI8FUIepMNIyBzu7fhwEEydFtPNsLubM6Idw== ocserv[10219]: *.*.*.*:33544 HTTP GET /+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect ocserv[10219]: *.*.*.*:33544 unexpected URL /+CSCOT+/translation-table?type=combined-manifest&textdomain=AnyConnect ocserv[10209]: *.*.*.*:33544 main-misc.c:468: command socket closed ocserv[10220]: *.*.*.*:33545 accepted connection ocserv[10220]: GnuTLS error (at worker-vpn.c:664): A TLS fatal alert has been received.: CA is unknown ocserv[10209]: *.*.*.*:33545 main-misc.c:468: command socket closed ocserv[10221]: *.*.*.*:33546 accepted connection ocserv[10210]: sec-mod received request from pid 10221 and uid 0 ocserv[10221]: *.*.*.*:33546 sending message 'resume data store request' to main ocserv[10209]: *.*.*.*:33546 main received message 'resume data store request' of 258 bytes ocserv[10209]: *.*.*.*:33546 TLS session DB storing 8057ebc3f63870544120810f0f1d1ec9a12c2779e39ea2907604616de1d7c4aa ocserv[10221]: *.*.*.*:33546 TLS handshake completed ocserv[10221]: *.*.*.*:33546 HTTP: Host: 142.4.201.188 ocserv[10221]: *.*.*.*:33546 HTTP: User-Agent: Cisco AnyConnect VPN Agent for Android 3.0.09242 ocserv[10221]: *.*.*.*:33546 HTTP: Cookie: webvpn=BOOmbLR8/PR3409+pc8fh6Ejm3obaoZe0SY/W1Z/1im68xNU9T2Mp4AnzzkC82sS0//klcWZBt3BI8o0Zz6rx2i1AVARTZlsBCbzwzCHeEz3V8KSEhRJbc/OiZWQ1tNFz6v9l9BgfNd08tVw8hhXEGqLYRzH/r3Z7ltc+oKjahTaGSx6s6SyNici2EZ0alyhlIVNW4CzFIMSM4NK6Fbl139EGxq+0UGnFgRKrvjRvnqeR5Jz6rJSBN96keCbuAb+BQG1QAEbdZFQq5eP+V5fPiJkr2IpxPabRGjJ4yGfWFnouXseZmVI8FUIepMNIyBzu7fhwEEydFtPNsLubM6Idw== ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Version: 1 ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Hostname: localhost ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-MTU: 1405 ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Address-Type: IPv6,IPv4 ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-License: mobile ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-ClientVersion: 3.0.09242 ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-Platform: android ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-PlatformVersion: 4.1.1 ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-DeviceType: rockchip ORIGIN A7 ocserv[10221]: *.*.*.*:33546 HTTP: X-AnyConnect-Identifier-Device-UniqueID: 8A1D1CF69D6123EDD781EB6D1F4CF112944018BE ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-Master-Secret: 0391270607A758E1B52EEB67AEAA5A9A8B67B2C589726F95F6A0CDB4B1FD07153D622C0639E7F2A552E7AC9D44AA4D64 ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-CipherSuite: AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA ocserv[10221]: *.*.*.*:33546 HTTP: X-DTLS-Accept-Encoding: lzs ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Accept-Encoding: lzs,deflate ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc. ocserv[10221]: *.*.*.*:33546 HTTP: X-CSTP-TCP-Keepalive: false ocserv[10221]: *.*.*.*:33546 HTTP CONNECT /CSCOSSLC/tunnel ocserv[10221]: *.*.*.*:33546 sending message 'auth cookie request' to main ocserv[10209]: *.*.*.*:33546 main received message 'auth cookie request' of 261 bytes ocserv[10209]: *.*.*.*:33546 accepting user 'cmd' ocserv[10209]: *.*.*.*:33546 auth deinit for user 'cmd' ocserv[10209]: *.*.*.*:33543 disconnecting 'cmd' due to new cookie connection ocserv[10209]: *.*.*.*:33546 No user configuration for 'cmd' ocserv[10209]: *.*.*.*:33546 No group configuration for 'cmd' ocserv[10209]: *.*.*.*:33546 assigned IPv4 to 'cmd': 10.10.10.87 ocserv[10209]: *.*.*.*:33546 assigning tun device vpns1 ocserv[10209]: *.*.*.*:33546 user 'cmd' of group 'cmd' re-authenticated (using cookie) ocserv[10209]: *.*.*.*:33546 sending (socket) message 2 to worker ocserv[10221]: *.*.*.*:33546 received auth reply message (value: 1) ocserv[10221]: *.*.*.*:33546 sending IPv4 10.10.10.87 ocserv[10221]: *.*.*.*:33546 adding route 0.0.0.0/0.0.0.0 ocserv[10221]: *.*.*.*:33546 peer CSTP MTU is 1405 ocserv[10221]: *.*.*.*:33546 TCP MSS is 1427 ocserv[10221]: *.*.*.*:33546 DTLS ciphersuite: AES128-SHA ocserv[10221]: *.*.*.*:33546 suggesting DTLS MTU 1339 ocserv[10221]: *.*.*.*:33546 suggesting CSTP MTU 1339 ocserv[10221]: *.*.*.*:33546 plaintext MTU is 1404 ocserv[10221]: *.*.*.*:33546 sending message 'tun mtu change' to main ocserv[10209]: *.*.*.*:33546 main received message 'tun mtu change' of 3 bytes ocserv[10221]: *.*.*.*:33546 setting MTU to 1404 ocserv[10209]: *.*.*.*:33546 setting vpns1 MTU to 1404 ocserv[10221]: *.*.*.*:33546 sending message 'session info' to main ocserv[10209]: *.*.*.*:33546 main received message 'session info' of 56 bytes ocserv[10221]: *.*.*.*:33546 TCP MSS is 1427 ocserv[10221]: *.*.*.*:33546 reducing MTU due to TCP MSS to 1398 ocserv[10221]: *.*.*.*:33546 sending message 'tun mtu change' to main ocserv[10209]: *.*.*.*:33546 main received message 'tun mtu change' of 3 bytes ocserv[10209]: *.*.*.*:33546 setting vpns1 MTU to 1397 ocserv[10221]: *.*.*.*:33546 setting MTU to 1397 ocserv[10221]: *.*.*.*:33546 received 95 byte(s) (TLS) ocserv[10221]: *.*.*.*:33546 received BYE packet; exiting ocserv[10209]: *.*.*.*:33546 main-misc.c:468: command socket closed ocserv[10209]: *.*.*.*:33543 main-misc.c:468: command socket closed Cheers, Alex
