Hi, I've just installed and configured ocserv.? I'm using openconnect as a client on two Windows 10 laptops.? If I attempt from, say, a hotel xDSL network, I connect and am able to access my lab environment remotely. However, if I attempt to connect by tethering the laptops over a mobile network, it fails with: SSL connection failure: Error in the pull function. I've tried connecting with gnutls-cli and this fails with: *** Fatal error: The TLS connection was non-properly terminated. *** Handshake has failed: The TLS connection was non-properly terminated. If I use gnutls-cli-debug, it tells me that it it has to disable all SSL and TLS before exiting with: Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1 and TLS 1.2 However, if I try to connect with openssl s_client -connect? I get a successful TLS connection. So it seems that gnutls can't connect to ocserv over a mobile network, while openssl can. If I revert to a non-mobile network, then all the above tests work as expected.? I've also tried this with two different UK mobile providers - Three and Vodafone - with the same results. Using Wireshark shows that the server returns a RSK, ACK to the client's CLIENT HELLO message; while messages in ocserv log (jounralctl -xe) shows the client has disconnected unexpectedly.? This suggests the mobile network is sending the reset, but that doesn't explain why openssl s_client connects successfully over mobile networks. Can anyone shed any light on this? Thanks in advance, Gareth Williams --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
