On Tue, Jun 13, 2017 at 4:30 AM, Maxim Baglay <mbaglay92 at gmail.com> wrote: > Yesterday stared getting next error on attempt to use openconnect: > > WARNING: Juniper Network Connect support is experimental. > It will probably be superseded by Junos Pulse support. > Disabling all HTTP connection re-use due to --no-http-keepalive option. > If this helps, please report to <openconnect-devel at lists.infradead.org>. > Connected to ______:443 > SSL negotiation with ________ > SSL connection failure: A TLS packet with unexpected length was received. > Creating SSL connection failed > > Command used to connect: > > openconnect --no-cert-check --juniper "https://______/vip"; > --cookie=$DSID --no-http-keepalive --reconnect-timeout 0 > > Can you help me getting figuring this out and get it working? What version of openconnect are you running? (Also, why are you running with --no-http-keepalive? This option is intended to work around a bug that is only known to exist for *Cisco* servers, not Juniper.) You should also run with `--dump -vvvv` to turn on the most verbose logging level. -Dan
