> Hi, > > I've got a question that is beyond my ability to track down, or even > properly > diagnose. My institution uses a juniper/pulse VPN as well as a single > sign on > service with two factor authentication. If you are on the VPN then you > shouldn't be asked for two factor authentication when using the single > sign on > page. This is exactly what happens when I use the native Pulse VPN > client. However, this isn't what happens when I use the openconnect > client. Instead what happens is. > > 1. I sign in using openconnect. > 2. I go to office365 and am redirected to my organization's sign in page. > 3. I sign in with my password and am still asked for my multifactor > authentication, even though I'm connected to the VPN. > > I've double checked that with openconnect the VPN works normally > otherwise; I > can connect to servers that are behind the firewall. I've also compared > the > routing tables (using route) using both the openconnect and pulse clients > and > they are the same. Any help would be greatly appreciated. > > Thanks for the time and effort! > > Geoff. Where (or perhaps more importantly, *when*) are you connecting to the VPN from? If the answer is "the 21st century" perhaps you are reaching o365 over IPv6 and the VPN is only taking your Legacy IP traffic? -- dwmw2
