On Sun, 2016-09-25 at 10:55 +0200, Peter Brant wrote: > My guess is that DTLS is simply disabled on the server. > Is there something in the --verbose output that would confirm this? The complete absence of any mention of DTLS, as you said, is a fairly strong hint. We send the DTLS options to the server and it completely ignores them. You could add --dump-http-traffic and confirm that we're really trying, but DO NOT send the output of that to the list. Filter passwords and cookies out of it before you send it to me in private if you wish. > Behavior is the same with OpenConnect v.5.02 and 6.0. I'm not aware of anything specific which would cause this, but 6.0 was a long time ago. Can you try with the latest from git, or at least the 7.08 release? Do you know if the official Cisco clients manage to get DTLS with this server? And has the server recently been changed?? -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5760 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160925/e0706e9f/attachment.bin>
