OpenConnect VPN connection always fails after a few hours of successful usage

Hi Dan,

thanks once again for your kind help! :-)

> Are you actually *using* the VPN continuously, and it just cuts off
> suddenly with no warning? Or is it going idle, and then you notice
> that it's disconnected when you go and try to use it again later?

Actually I'm connecting to the VPN, using it for a few minutes and after
finishing my work I switch off my computer. When rebooting the computer
some minutes later the VPN will still work fine. Only if the intercostal
break lasts longer (e.g. for a few hours) I am not able anymore to
connect it again with the same cookie.

> NetworkManager can reconnect *using the same
> cookie* after a period where Connman cannot?

I am not sure if NetworkManager uses the same cookie for later
reconnects. My speculation is more in that way that NetworkManager is
able to create new cookies by itself. When using the same VPN tunnel
with NetworkManager I never had problems to reconnect it, independent of
the duration of non-usage.

Two more questions are:

1. Is there any option to force Connman to renew the cookie by itself?
Or could I create a regular cronjob that runs the OpenConnect-script,
creates the new cookie and pastes it into
/var/lib/connman-vpn/vpnname.config?

2. Currently I am using the following OpenConnect command to generate
the cookie:

openconnect --csd-wrapper=/home/user/.cisco/csd-wrapper.sh \
    --authenticate --user=<username> <VPN-host>

Is there an option available to pass the password to OpenConnect
without further user prompt as well? For example by extending the upper
command like

"--user=<username> --password=<password> <VPN-host>"?

That would be awesome and way more easy for possible cronjobs... :-)

I am happy to hear from you!

Best regards!
Dave



On 08/24/2018 03:27 AM, Daniel Lenski wrote:
>> Aug 24 00:14:51 <hostname> openconnect[4476]: Got inappropriate HTTP CONNECT response: HTTP/1.1 401 Unauthorized
> Here's the "real" error, which shows that, yes indeed, the cookie
> being used to reconnect is no longer authorized.
> 
>> X-CSTP-Lease-Duration: 1209600
>> X-CSTP-Session-Timeout: none
>> X-CSTP-Idle-Timeout: 1800
>> X-CSTP-Disconnected-Timeout: 1800
> Are you actually *using* the VPN continuously, and it just cuts off
> suddenly with no warning? Or is it going idle, and then you notice
> that it's disconnected when you go and try to use it again later?
> 
> If it's going idle, then there's not much you can do to keep it alive
> other than send real traffic to it. Some VPNs will stay alive if you
> just ping a server occasionally (e.g. `ping -i 300 [VPN host]`),
> others seem to detect and ignore this kind of repetitive traffic.
> 
>> I am wondering about the fact that NetworkManager does not cause any
>> problems when reconnecting the VPN. This only seems to appear when using
>> Connman?
> What do you mean by this? NetworkManager can reconnect *using the same
> cookie* after a period where Connman cannot?
> 
> Dan
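
Added example, not part of either message above: a cron-friendly sketch of the cookie renewal asked about in question 1, which feeds the password to OpenConnect on stdin from a file readable only by root so that it never appears in the process list. It assumes OpenConnect's `--passwd-on-stdin` option, the `COOKIE='...'` line printed by `--authenticate`, and an `OpenConnect.Cookie` key in the Connman VPN config; the function names and the password-file argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed: --passwd-on-stdin, the
# COOKIE='...' output of --authenticate, and the OpenConnect.Cookie config key.

# Read `openconnect --authenticate` output on stdin, print the cookie value.
extract_cookie() {
    sed -n "s/^COOKIE='\{0,1\}\([^']*\)'\{0,1\}\$/\1/p" | head -n 1
}

# set_cookie <config-file> <cookie>
# Replace the existing cookie line via a temp file and rename, so a failed
# run never leaves a half-written config. Fails if the key is not present.
set_cookie() {
    cfg=$1
    tmp=$(mktemp "${cfg}.XXXXXX") || return 1
    chmod 600 "$tmp"    # the cookie is a session credential
    NEW_COOKIE=$2 awk '
        /^[ \t]*OpenConnect\.Cookie[ \t]*=/ {
            print "OpenConnect.Cookie = " ENVIRON["NEW_COOKIE"]
            done = 1
            next
        }
        { print }
        END { if (!done) exit 3 }
    ' "$cfg" > "$tmp" && mv "$tmp" "$cfg" || { rm -f "$tmp"; return 1; }
}

# renew <user> <vpn-host> <password-file> <config-file>
# The password file (hypothetical path, mode 0600, owned by root) is passed
# on stdin instead of the command line.
renew() {
    cookie=$(openconnect --csd-wrapper=/home/user/.cisco/csd-wrapper.sh \
                 --authenticate --passwd-on-stdin --user="$1" "$2" < "$3" \
             | extract_cookie)
    if [ -z "$cookie" ]; then
        echo "authentication failed, config left unchanged" >&2
        return 1
    fi
    set_cookie "$4" "$cookie"
}

# Only act when called as: script renew <user> <host> <pw-file> <config>
if [ "${1:-}" = renew ]; then
    shift
    renew "$@"
fi
```

Given the `X-CSTP-Disconnected-Timeout: 1800` shown above, a stored cookie stops being accepted about 30 minutes after disconnecting, so the script would have to run shortly before each reconnect rather than on a long fixed interval.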


