On Fri, Aug 31, 2018 at 11:06 AM, Christopher Mattern <syscjm at gwu.edu> wrote: > Also, while the vopenconnect is attempting to run, a new entry gets added to > my route table: > >> syscjm at ibis:~$ route >> Kernel IP routing table >> Destination Gateway Genmask Flags Metric Ref Use >> Iface >> default 0.0.0.0 0.0.0.0 U 0 0 0 >> tun0 >> ^C >> syscjm at ibis:~$ > > > and then the route command hangs. You need to run route -n. Without that, it hangs because it's failing DNS lookups. > Also, other clients are using this VPN server without problems. It just > seems to be openconnect that's failing. OpenConnect is authenticating and setting up the tunnel just fine. But it's getting hung up somewhere in the routing configuration script. There's one confusing/erroneous routing configuration item being sent by the server, which confuses the vpnc-script. I don't think that's _entirely_ what's breaking things here? a DNS-related bug may be involved as well. You'll have to disentangle these effects to get it working. I'll toot my own horn here and suggest that you try vpn-slice (https://github.com/dlenski/vpn-slice) as an alternative to the default vpnc-script. It lets you use a very simplified, user-constructed routing configuration instead of the one sent by the VPN gateway. -Dan
