Hi Kevin, Tried it, still not working, here is the verbose output: pi at raspberrypi ~ $ sudo openconnect --csd-wrapper ~/.cisco/wrapper.sh --os android 32.59.2.56 -v POST https://32.59.2.56/ Attempting to connect to server 32.59.2.56:443 SSL negotiation with 32.59.2.56 Server certificate verify failed: signer not found Certificate from VPN server "32.59.2.56" failed verification. Reason: signer not found Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on 32.59.2.56 Got HTTP response: HTTP/1.0 302 Object Moved Content-Type: text/html; charset=utf-8 Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 31 Mar 2015 04:36:36 GMT Location: /+webvpn+/index.html Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure HTTP body length: (0) GET https://32.59.2.56/ Attempting to connect to server 32.59.2.56:443 SSL negotiation with 32.59.2.56 Server certificate verify failed: signer not found Connected to HTTPS on 32.59.2.56 Got HTTP response: HTTP/1.0 302 Object Moved Content-Type: text/html; charset=utf-8 Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 31 Mar 2015 04:36:37 GMT Location: /+webvpn+/index.html Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure HTTP body length: (0) GET https://32.59.2.56/+webvpn+/index.html SSL negotiation with 32.59.2.56 Server certificate verify failed: signer not found Connected to HTTPS on 32.59.2.56 Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnlogin=1; secure X-Transcend-Version: 1 HTTP body chunked (-2) GET https://32.59.2.56/+CSCOE+/sdesktop/wait.html Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 31 Mar 2015 04:36:38 GMT HTTP body chunked (-2) Refreshing +CSCOE+/sdesktop/wait.html after 1 second... GET https://32.59.2.56/+CSCOE+/sdesktop/wait.html SSL negotiation with 32.59.2.56 Server certificate verify failed: signer not found Connected to HTTPS on 32.59.2.56 Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 31 Mar 2015 04:36:40 GMT HTTP body chunked (-2) Refreshing +CSCOE+/sdesktop/wait.html after 1 second... And it keeps reapeting forever those same lines between "Refreshing +CSCOE+/sdesktop/wait.html after 1 second..." This looks identical to the output from your post on the suggested thread, and alto to the output I'm seeing on a successfull conection from my android... any ideas? Any place where I can check more detailed logs? Please feel free to try yourself with the server 32.59.2.56 and also .57 Thanks a lot, Nico On Sun, Mar 29, 2015 at 4:23 AM, Kevin Cernekee <cernekee at gmail.com> wrote: > On Sat, Mar 28, 2015 at 11:24 PM, Nicol?s Escudero > <nicolasescudero at gmail.com> wrote: >> Hi, >> >> I'm experiencing the exact same issue posted on the original thread >> from KajMagnus: >> http://lists.infradead.org/pipermail/openconnect-devel/2014-November/002370.html >> >> In short, I'm getting these 4 lines repeatedly over and over forever >> no matter what arguments or wrapper I use: >> >> GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html >> SSL negotiation with vpn.server.com >> Connected to HTTPS on vpn.server.com >> Refreshing +CSCOE+/sdesktop/wait.html after 1 second... >> >> Tried everything, with/without wrapper, --no-xml-post, binaries, all >> same hard work and reasearch KajMagnus did, same poor luck. >> >> I'm running openconnect v6.00, on a RaspberryPi running raspbian Jessie. > > An ARM host won't be able to run the x86 trojan binary directly, so a > wrapper script is probably your best bet. > >> In the other hand, I'm perfectly able to connect to the same server >> using both Windows Anyconnect and Android Openconnect. Both of them >> with 100% default settings, just entered server+username and then, >> when prompted, the passcode from my RSA Hard-Token. > > Try this: > > http://lists.infradead.org/pipermail/openconnect-devel/2013-October/001225.html > >> COLOR NOTE: I cannot connect using AnyConnect for Android, I'm getting >> a server response saying the server doesn't have an active "Mobile >> License".... > > This is checked (or not checked, in our case) on the client side, so > you should be OK using OpenConnect. See: > > http://lists.infradead.org/pipermail/openconnect-devel/2013-November/001326.html
