On Tue, 2017-08-15 at 11:34 -0700, Mike Miller wrote: > On Tue, Aug 15, 2017 at 09:22:32 -0500, Liam Healy wrote: > > > > I am running OpenConnect from Debian 9.1. After a connection, when > > I > > disconnect (by unchecking the "VPN Connections" box on > > NetworkManager), it does not send the proper disconnect signal to > > the > > server; this was noticed by someone watching the logs on the server > > side, who said that after I did this, the server thought the > > connection was still open. This is causing problems because when I > > reconnect, if I am assigned a different server by the load > > balancer, > > there are two connections open and performance is very bad. > > > > Is there a known remedy to this problem, and if not, what should I > > do > > and post to help find a remedy? > Yes, this is known [1] and has been fixed [2] on the NM OpenConnect > development branch for the next release (1.2.6 I guess). > > [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820892 > [2]: https://git.gnome.org/browse/network-manager-openconnect/commit/ > ?id=a27fd1a5e9ad66ca1f45fda771c8e20d2292aee2 Although that's far from a complete solution, as it *only* covers the case where you explicitly disconnect. If you lose connectivity on your physical network and the VPN disconnects because of that, you have the same problem. We really ought to *store* the auth cookie in memory in nm-openconnect-service (which should persist as long as the cookie is valid, instead of exiting when idle as the parent class does). Then subsequent connection attempts can use the *same* cookie to reconnect. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4938 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20170815/7ea387a2/attachment.bin>
