Do you use the rhel7.4 version of centos7? That seems like a regression from the epel to the rhel protobuf-c libraries. Does the new build over that version address that? https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-35c633c003 On Tue, Nov 21, 2017 at 8:35 AM, ping gao ??(0) <ping.gao at corp.elong.com> wrote: > hi all > I use openconnect to connect ocserv server, you can connect successfully, but can not receive downlink data? > Trouble to help answer the next > > OS Info: > > Server: > Centos7 > Ocserv 0.11.8 > Compiled with: seccomp, tcp-wrappers, oath, radius, gssapi, PAM, PKCS#11, AnyConnect > GnuTLS version: 3.3.26 (compiled with 3.3.24) > > Client: > Ubuntu 16.04 > OpenConnect version v7.06 > Using GnuTLS. Features present: PKCS#11, RSA software token, HOTP software token, TOTP software token, System keys, DTLS > > The following ocserv server debug 100 output? > > ocserv[5123]: main: performing maintenance (banned IPs: 1) > ocserv[5124]: sec-mod: performing maintenance > ocserv[5124]: sec-mod: active sessions 1 > ocserv[5123]: main: main received message 'unknown (248)' from sec-mod of 10 bytes > ocserv[5127]: TLS[<5>]: REC[0x7f6c443e1010]: SSL 3.3 Application Data packet received. Epoch 0, length: 108 > ocserv[5127]: TLS[<5>]: REC[0x7f6c443e1010]: Expected Packet Application Data(23) > ocserv[5127]: TLS[<5>]: REC[0x7f6c443e1010]: Received Packet Application Data(23) with length: 108 > ocserv[5127]: TLS[<5>]: REC[0x7f6c443e1010]: Decrypted Packet[590] Application Data(23) with length: 84 > ocserv[5127]: worker[user]: 192.168.35.65 received 84 byte(s) (TLS) > ocserv[5127]: worker[user]: 192.168.35.65 writing 76 byte(s) to TUN > _______________________________________________ > openconnect-devel mailing list > openconnect-devel at lists.infradead.org > http://lists.infradead.org/mailman/listinfo/openconnect-devel
