Fwd: Re: Juniper connection failure, HTTP/1.1 302 Found

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





-------- Forwarded Message --------
Subject: 	Re: Juniper connection failure, HTTP/1.1 302 Found
Date: 	Wed, 12 Aug 2015 20:28:37 -0400
From: 	Nate Mow <natemow at gmail.com>
To: 	David Woodhouse <dwmw2 at infradead.org>



I think I did try that at some point...trying it again, I'm seeing this 
come next in the log:

    Got HTTP response: HTTP/1.1 200 OK
    Content-type: application/octet-stream
    Pragma: no-cache
    NCP-Version: 3
    Set-Cookie: DSLastAccess=1439424998; path=/; Secure
    Connection: close
    X-Frame-Options: SAMEORIGIN
    SSL negotiation with alias.example.com
    No match for altname 'vpn.example.com'
    No match for altname 'alias.example-europe.com'
    Matched DNS altname 'alias.example.com'
    Connected to HTTPS on alias.example.com
    Got HTTP response: HTTP/1.1 200 OK
    Content-type: application/octet-stream
    Pragma: no-cache
    NCP-Version: 3
    Set-Cookie: DSLastAccess=1439424998; path=/; Secure
    Connection: close
    X-Frame-Options: SAMEORIGIN
    0000: 14 00 00 04 00 00 00 07 00 45 4c 4b 48 41 52 54
    0010: bb 01 00 00 00 00
    Server response to hostname packet is error 0x08
    Creating SSL connection failed


To me it looks like host is responding with "here, install this applet" 
now. Is there a way to get the raw response from the server? (I'm not a 
C guy, so a bit out of my depth as far as tracing locally goes).


On 08/12/2015 08:08 PM, David Woodhouse wrote:
> On Wed, 2015-08-12 at 20:06 -0400, Nate Mow wrote:
>>     # Now attempt the actual connection.
>>     echo "$COOKIE" | sudo openconnect "$JNC_HOST" \
>>       --dump-http-traffic \
>>       --disable-ipv6 \
>>       --os="linux-64" \
>>       --useragent="$_ua_string" \
>>       --cookie-on-stdin \
>> --cafile="./config/GlobalSignOrganizationValidationCA-SHA256-G2.ca" \
>>       --servercert="$FINGERPRINT" \
>>       --no-cert-check --background --pid-file=$VPN_PID_FILE \
>>         >> $VPN_LOG_FILE 2>&1;
> You'll want a --juniper in that one somewhere too.
>






[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux