On 7/29/2014 5:54 PM, Kevin Cernekee wrote: > If you don't use "openconnect --token-mode" at all, can you log on by > manually typing the appropriate password into each blank? No. OpenConnect prompts for one password (not counting the one to access the token). The website login page only displays 2 input fields, username and password. This works on the old VPN where tokens are not used. The websites do have a page that has input fields for username and one-time password. Whether I enter a possibly correct or definitely wrong one-time password makes no difference. On submit, it continues to the login page. There, prefix+tokencode and the AD password both fail. The company thinks the website will not work on the new VPN. I am starting to get the impression that this Cisco VPN server with Cisco client communicate differently, that it may not be possible for OpenConnect to pass the required credentials in the expected way through HTTP over SSL. --Mark
