On Mon, Jan 18, 2016 at 1:11 PM, Pawel Stankowski <Pawel.Stankowski at fara.no> wrote: >> > e is the output I got (after upgrade to Ubuntu 15.10): >> > # openconnect --version >> > OpenConnect version v7.06 >> > Using GnuTLS. Features present: PKCS#11, RSA software token, HOTP >> > software token, TOTP software token, DTLS >> > past at past-ubuntu:~$ >> > # openconnect -v <VPN IP> >> > POST https://<VPN IP> >> > Attempting to connect to server XX.XX.XX.XXX:443 >> > SSL negotiation with <VPN IP> >> > SSL connection failure: Error in the pull function. >> >> This is most likely a networking error. You can check the connection >> status with wireshark, and/or set GNUTLS_DEBUG_LEVEL=6 for more >> information. > Seems that there is some incompatibility between GnuTLS and this VPN > server. I reproduced the same problem on Debian 8 "Jessie". The same > server works fine with both AnyConnect and openconnect compiled without > GnuTLS. I get known that the server I connect to is some Cisco ASA > Firewall. Which version of gnutls is that? Could you try running gnutls-cli-debug on that server?
