Supporting Juniper and other types of SSL VPN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2015-01-01 at 10:29 +0000, David Woodhouse wrote:
> 
> So I think I'd be happy enough to look at abstracting out the specific
> SSL VPN protocol parts and making OpenConnect support multiple
> protocols. The main sticking point is that we actually need some
> details
> about *how* those other SSL VPN protocols works.

It looks like the Juniper one actually works fairly similarly to
AnyConnect ? an authentication stage that results in a cookie, followed
by actually making the connection using that cookie.

The authentication part has even been implemented in open source at
https://smallhacks.wordpress.com/2012/07/15/jvpn-perl-script-to-connect-to-the-juniper-vpn-with-host-checker-enabled/

For the VPN connection itself, I've thrown together an untested
prototype: http://git.infradead.org/users/dwmw2/openconnect-juniper.git

It didn't take that much work to abstract out the Cisco protocol bits
from the generic VPN support in OpenConnect. Once the dust has settled
and we have things working, I'll take a closer look at whether it could
be done more cleanly than my initial attempt.

-- 
dwmw2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150119/b1896e25/attachment.bin>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux