On Thu, 2019-03-14 at 12:50 -0400, Andrew Kerr wrote: > I've been using OpenConnect to connect to a Cisco VPN for quite a > while now with great success. We're testing out Cisco ISE and that > is > where I could use some help. When using the Cisco AnyConnect client > Cisco ISE sees the client identity as the system's MAC address, which > it then uses to match a database of compliant systems. When I use > OpenConnect Cisco ISE sees the public IP on my NAT device as the > client IP, rather than the MAC or even the local IP. I'm guessing > that may mean it just got nothing in the field it expected and all it > has to go on is the internet IP it sees my traffic coming from. > > I don't see any configuration flags to tell OpenConnect to send the > MAC address in wherever it is expected to be / is being set with > AnyConnect. > > I'd appreciate any help or pointers, OpenConnect has been rock solid > and I'd hate to be forced to give it up. There were patches on the list a little while ago to add this. They needed a few changes if I recall correctly, but it sounds like they should work.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
