Thanks. I thought it was supposed to - this portion of the website indicates that it should, I think? http://www.infradead.org/openconnect/vpnc-script.html This is the output of 'ip route' before running openconnect: default via 192.168.0.1 dev wlp3s0 proto static metric 600 192.168.0.0/24 dev wlp3s0 proto kernel scope link src 192.168.0.108 metric 600 and after: default via 192.168.0.1 dev wlp3s0 proto static metric 600 10.0.0.0/8 dev tun0 scope link 10.0.0.0/8 dev tun0 scope link metric 1 128.62.0.0/16 dev tun0 scope link 128.62.0.0/16 dev tun0 scope link metric 1 128.83.0.0/16 dev tun0 scope link 128.83.0.0/16 dev tun0 scope link metric 1 128.83.185.40 dev tun0 scope link 128.83.185.40 dev tun0 scope link metric 1 128.83.185.41 dev tun0 scope link 128.83.185.41 dev tun0 scope link metric 1 129.116.0.0/16 dev tun0 scope link 129.116.0.0/16 dev tun0 scope link metric 1 129.116.67.2 via 192.168.0.1 dev wlp3s0 src 192.168.0.108 146.6.0.0/16 dev tun0 scope link 146.6.0.0/16 dev tun0 scope link metric 1 172.16.0.0/12 dev tun0 scope link 172.16.0.0/12 dev tun0 scope link metric 1 172.29.224.0/19 dev tun0 scope link 172.29.224.0/19 dev tun0 scope link metric 2 192.168.0.0/24 dev wlp3s0 proto kernel scope link src 192.168.0.108 metric 600 198.213.192.0/18 dev tun0 scope link 198.213.192.0/18 dev tun0 scope link metric 1 206.76.64.0/18 dev tun0 scope link 206.76.64.0/18 dev tun0 scope link metric 1 The verbose output: POST https://vpn.utexas.edu/ Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Cache-Control: no-cache Pragma: no-cache Connection: Keep-Alive Date: Wed, 28 Sep 2016 02:08:49 GMT X-Frame-Options: SAMEORIGIN X-Aggregate-Auth: 1 HTTP body chunked (-2) Got CONNECT response: HTTP/1.1 200 OK X-CSTP-Version: 1 X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc. X-CSTP-Address: 172.29.232.73 X-CSTP-Netmask: 255.255.224.0 X-CSTP-Hostname: UTVPN-ASA5585X.its.utexas.edu X-CSTP-DNS: 128.83.185.41 X-CSTP-DNS: 128.83.185.40 X-CSTP-Lease-Duration: 86400 X-CSTP-Session-Timeout: 86400 X-CSTP-Idle-Timeout: 7200 X-CSTP-Disconnected-Timeout: 7200 X-CSTP-Default-Domain: vpn.utexas.edu X-CSTP-Split-Include: 10.0.0.0/255.0.0.0 X-CSTP-Split-Include: 128.62.0.0/255.255.0.0 X-CSTP-Split-Include: 128.83.0.0/255.255.0.0 X-CSTP-Split-Include: 129.116.0.0/255.255.0.0 X-CSTP-Split-Include: 146.6.0.0/255.255.0.0 X-CSTP-Split-Include: 172.16.0.0/255.240.0.0 X-CSTP-Split-Include: 198.213.192.0/255.255.192.0 X-CSTP-Split-Include: 206.76.64.0/255.255.192.0 X-CSTP-Keep: true X-CSTP-Tunnel-All-DNS: false X-CSTP-Rekey-Time: 1800 X-CSTP-Rekey-Method: new-tunnel X-CSTP-DPD: disabled X-CSTP-Keepalive: 20 X-CSTP-MSIE-Proxy-Lockdown: true X-CSTP-Smartcard-Removal-Disconnect: true X-CSTP-MTU: 1406 X-CSTP-Routing-Filtering-Ignore: false X-CSTP-Quarantine: false X-CSTP-Disable-Always-On-VPN: false X-CSTP-Client-Bypass-Protocol: false X-CSTP-TCP-Keepalive: true X-CSTP-Post-Auth-XML: <elided> CSTP connected. DPD 0, Keepalive 20 CSTP Ciphersuite: (TLS1.0)-(DHE-RSA-1024)-(AES-128-CBC)-(SHA1) Set up DTLS failed; using SSL instead Connected as 172.29.232.73, using SSL David Woodhouse <dwmw2 at infradead.org> writes: > On Tue, 2016-09-27 at 19:01 -0500, Alex Branham wrote: >> Thanks for the reply. >> >> I can ping the server but it isn't routing my normal internet traffic through the VPN. > > Is it supposed to? Show openconnect output with '-v', and the output of 'ip route'. -- J. Alexander Branham PhD Candidate Department of Government University of Texas at Austin www.jabranham.com
