Hello, it's 7.07 with cherry-picked 4ce9c9241f5707917e87e93a055f757cea5fb84d commit. Running without --no-http-keepalive did not help. Adding --dump -vvvv did not show anything more. The same output appears. Thanks, Max. 2017-06-14 3:11 GMT+03:00 Daniel Lenski <dlenski at gmail.com>: > On Tue, Jun 13, 2017 at 4:30 AM, Maxim Baglay <mbaglay92 at gmail.com> wrote: >> Yesterday stared getting next error on attempt to use openconnect: >> >> WARNING: Juniper Network Connect support is experimental. >> It will probably be superseded by Junos Pulse support. >> Disabling all HTTP connection re-use due to --no-http-keepalive option. >> If this helps, please report to <openconnect-devel at lists.infradead.org>. >> Connected to ______:443 >> SSL negotiation with ________ >> SSL connection failure: A TLS packet with unexpected length was received. >> Creating SSL connection failed >> >> Command used to connect: >> >> openconnect --no-cert-check --juniper "https://______/vip"; >> --cookie=$DSID --no-http-keepalive --reconnect-timeout 0 >> >> Can you help me getting figuring this out and get it working? > > What version of openconnect are you running? (Also, why are you > running with --no-http-keepalive? This option is intended to work > around a bug that is only known to exist for *Cisco* servers, not > Juniper.) > > You should also run with `--dump -vvvv` to turn on the most verbose > logging level. > > -Dan
