Recently started having a problem with openconnect connecting to a Cisco AnyConnect VPN server. I suspect the problem is vpnc-client not correctly opening up a tunnel, but I'm not sure and I have no idea how to fix it. I've tried three different vpn-client scripts. With any of them, I have no network connectivity, and I get different error messages when I ctrl-C. I used to get a message about it setting up a tun0 device after a short delay, but I'm not seeing that any more. This is what I was originally getting from the install from the Ubuntu repository: > root at ibis:/usr/share/vpnc-scripts# openconnect https://go.vpn.gwu.edu/ses > POST https://go.vpn.gwu.edu/ses > Connected to 128.164.202.177:443 > SSL negotiation with go.vpn.gwu.edu > Connected to HTTPS on go.vpn.gwu.edu > XML POST enabled > ? 2014, The George Washington University > 2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948) > Site Maintained by Division of IT > Please enter your NetID and Password > GW students, faculty, and staff can access this service by using their GW NetIDs > (the part of the e-mail address that precedes @gwu.edu) and corresponding passwords. > Username:syscjm > Password: > Password: > POST https://go.vpn.gwu.edu/ > Got CONNECT response: HTTP/1.1 200 OK > CSTP connected. DPD 30, Keepalive 20 > Connected as 128.164.108.37, using SSL > Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1). > ^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script' for connect: Interrupted system call > Send BYE packet: Aborted by caller > Error: argument "via" is wrong: use nexthop syntax to specify multiple via > > User canceled (SIGINT); exiting; > root at ibis:/usr/share/vpnc-scripts# I tried the vpn-client listed on Openconnected's home site (http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script): > root at ibis:/usr/share/vpnc-scripts# openconnect --script /usr/share/vpnc-scripts/vpnc-script-new https://go.vpn.gwu.edu/ses > POST https://go.vpn.gwu.edu/ses > Connected to 128.164.202.177:443 > SSL negotiation with go.vpn.gwu.edu > Connected to HTTPS on go.vpn.gwu.edu > XML POST enabled > ? 2014, The George Washington University > 2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948) > Site Maintained by Division of IT > Please enter your NetID and Password > GW students, faculty, and staff can access this service by using their GW NetIDs > (the part of the e-mail address that precedes @gwu.edu) and corresponding passwords. > Username:syscjm > Password: > Password: > POST https://go.vpn.gwu.edu/ > Got CONNECT response: HTTP/1.1 200 OK > CSTP connected. DPD 30, Keepalive 20 > Connected as 128.164.108.32, using SSL > Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1). > Error: any valid prefix is expected rather than "dev". > ^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script-new' for connect: Interrupted system call > Send BYE packet: Aborted by caller > RTNETLINK answers: No such process > User canceled (SIGINT); exiting; > root at ibis:/usr/share/vpnc-scripts# I also tried a vpnc-script I found in a Git repository (https://gitlab.com/openconnect/vpnc-scripts/raw/master/vpnc-script): > root at ibis:/usr/share/vpnc-scripts# openconnect --script /usr/share/vpnc-scripts/vpnc-script-new2 https://go.vpn.gwu.edu/ses > POST https://go.vpn.gwu.edu/ses > Connected to 128.164.202.177:443 > SSL negotiation with go.vpn.gwu.edu > Connected to HTTPS on go.vpn.gwu.edu > XML POST enabled > ? 2014, The George Washington University > 2121 Eye St, NW; Washington, DC 20052. Phone: 202-994-GWIT (4948) > Site Maintained by Division of IT > Please enter your NetID and Password > GW students, faculty, and staff can access this service by using their GW NetIDs > (the part of the e-mail address that precedes @gwu.edu) and corresponding passwords. > Username:syscjm > Password: > Password: > POST https://go.vpn.gwu.edu/ > Got CONNECT response: HTTP/1.1 200 OK > CSTP connected. DPD 30, Keepalive 20 > Connected as 128.164.108.36, using SSL > Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(DHE-RSA-4294967237)-(AES-128-CBC)-(SHA1). > Error: any valid prefix is expected rather than "dev". > ^CFailed to spawn script '/usr/share/vpnc-scripts/vpnc-script-new2' for connect: Interrupted system call > Send BYE packet: Aborted by caller > RTNETLINK answers: No such process > User canceled (SIGINT); exiting; > root at ibis:/usr/share/vpnc-scripts# Any help on how I can fix this? -- Christopher Mattern Unix Engineer, George Washington University
