AW: AW: Skipt Phase 1 when connecting using openconnect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I updated openconnect but still the same :

POST https://remote.vpnserver.de/sdla-ras
Attempting to connect to server x.x.x.x:443
Connected to x.x.x.x:443
SSL negotiation with remote.vpnserver.de
Server certificate verify failed: self signed certificate in certificate chain
Connected to HTTPS on remote.vpnserver.de
> POST /sdla-ras HTTP/1.1
> Host: remote.vpnserver.de
> User-Agent: Open AnyConnect VPN Agent v8.03
> Accept: */*
> Accept-Encoding: identity
> X-Transcend-Version: 1
> X-Aggregate-Auth: 1
> X-AnyConnect-Platform: linux-64
> X-Support-HTTP-Auth: true
> X-Pad: 00000000000000000000000000000000000000
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 218
> 
> <?xml version="1.0" encoding="UTF-8"?>
> <config-auth client="vpn" type="init"><version who="vpn">v8.03</version><device-id>linux-64</device-id><group-access>https://remote.vpnserver.de/sdla-ras</group-access></config-auth>
Got HTTP response: HTTP/1.1 200 OK
Date: Wed, 03 Jul 2019 20:15:01 GMT
X-Powered-By: PHP/5.3.3
Content-Length: 3251
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5; Path=/
HTTP body length:  (3251)
< <!DOCTYPE html>
< <html>
< <head>
< <title>1&amp;1 Versatel - VPN Authentifizierung</title>
< <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
< <meta http-equiv="Content-Style-Type" content="text/css" />
< <meta http-equiv="cache-control" content="no-cache" />
< <meta http-equiv="pragma" content="no-cache" />
< <meta name="Author" content="1&amp;1 Versatel Deutschland GmbH" />
< <meta name="robots" content="noindex,nofollow,noarchive" />
< <link rel="stylesheet" type="text/css" href="style.css" />
< <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" />
< <link rel="icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" />
< 
< <script type="text/javascript">
< 
< function setButtonName (txt) {
< /*
<    Aktion speichern
<    nur submit, wenn Username und Passwort vorhanden
< */
<    var kommando = txt;
<    document.loginform.aktion.value = kommando;
<    if ( kommando == 'anmelden' )  {
<       if ( document.loginform.Username.value == '' )  {
<          alert ("Sie haben keinen Usernamen eingegeben");
<          return;
<       }
<       if ( document.loginform.Password.value == '' )  {
<          alert ("Sie haben kein Passwort eingegeben");
<          return;
<       }
<     }
<    document.loginform.submit();
< }
< 
< </script>
< 
< </head>
< 
< <body">
< <br /><br />
< <div id="TWO_WAY_AUTH">
< <form id="loginform" name="loginform" action="login_2_wege_page.php?Realm=sdla-ras" method="post" autocomplete="off">
<   <input type="hidden" name="aktion" />
<   <input type="hidden" name="sprache" value="1" />
<   <div align="left">
<     <a target="_blank" href="http://www.versatel.de";>
<       <img border="0" alt="http://www.versatel.de"; src="header_csa/header_img/Versatel-Logo-RGB.gif" style="padding: 0px 0px 0px 10px;"/>
<     </a>
<   </div>
<   <div id="EINGABE">
<     <div align="center">
<       Anmeldung f&uuml;r      <br />
<     </div>
<     <div align="center">
<       @sdla-ras    </div>
<     <div class="left width35" align="right">
<       Benutzername:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <input type="text" autocomplete="off" name="Username" value="" />
<     </div>
<     <br class="clear" />
<     <div class="left width35" align="right">
<       Passwort:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <input type="password" autocomplete="off" name="Password"  />
<     </div>
<     <br class="clear" />
<     <div class="left width35" align="right">
<       Sprache:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <span class="cursor_hand" onclick="setButtonName('deutsch');">
<         <img src="images/de.gif" title="Spracheinstellung Deutsch" alt="de" />
<       </span>
<       &nbsp;&nbsp;&nbsp;&nbsp;
<       <span class="cursor_hand" onclick="setButtonName('english');">
<         <img src="images/en.gif" title="Language English" alt="en" />
<       </span>
<     </div>
<     <br class="clear" />
<     <div style="font-size:15pt" align="center">
<       &nbsp;
<     </div>
<     <div align="center">
<       <span class="cursor_hand" onclick="setButtonName('anmelden')">
<         Anmelden&nbsp;
<         <img src="images/pfeil_re.gif" alt="Anmelden" />
<       </span>
<     </div>
<     <div id="IMPRESSUM">
<       <a target="_blank" href="http://www.versatel.de/impressum";>
<         &nbsp;Impressum
<       </a>
<     </div> 
<   </div>
< </form>
< </div>
< </body>
< </html>
XML response has no "auth" node
GET https://remote.vpnserver.de/sdla-ras
Attempting to connect to server x.x.x.x:443
Connected to x.x.x.x:443
SSL negotiation with remote.vpnserver.de
Server certificate verify failed: self signed certificate in certificate chain
Connected to HTTPS on remote.vpnserver.de
> GET /sdla-ras HTTP/1.1
> Host: remote.vpnserver.de
> User-Agent: Open AnyConnect VPN Agent v8.03
> Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5
> Accept: */*
> Accept-Encoding: identity
> X-Transcend-Version: 1
> X-Support-HTTP-Auth: true
> 
Got HTTP response: HTTP/1.1 200 OK
Date: Wed, 03 Jul 2019 20:15:01 GMT
X-Powered-By: PHP/5.3.3
Content-Length: 3251
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5; Path=/
HTTP body length:  (3251)
< <!DOCTYPE html>
< <html>
< <head>
< <title>1&amp;1 Versatel - VPN Authentifizierung</title>
< <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
< <meta http-equiv="Content-Style-Type" content="text/css" />
< <meta http-equiv="cache-control" content="no-cache" />
< <meta http-equiv="pragma" content="no-cache" />
< <meta name="Author" content="1&amp;1 Versatel Deutschland GmbH" />
< <meta name="robots" content="noindex,nofollow,noarchive" />
< <link rel="stylesheet" type="text/css" href="style.css" />
< <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" />
< <link rel="icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" />
< 
< <script type="text/javascript">
< 
< function setButtonName (txt) {
< /*
<    Aktion speichern
<    nur submit, wenn Username und Passwort vorhanden
< */
<    var kommando = txt;
<    document.loginform.aktion.value = kommando;
<    if ( kommando == 'anmelden' )  {
<       if ( document.loginform.Username.value == '' )  {
<          alert ("Sie haben keinen Usernamen eingegeben");
<          return;
<       }
<       if ( document.loginform.Password.value == '' )  {
<          alert ("Sie haben kein Passwort eingegeben");
<          return;
<       }
<     }
<    document.loginform.submit();
< }
< 
< </script>
< 
< </head>
< 
< <body">
< <br /><br />
< <div id="TWO_WAY_AUTH">
< <form id="loginform" name="loginform" action="login_2_wege_page.php?Realm=sdla-ras" method="post" autocomplete="off">
<   <input type="hidden" name="aktion" />
<   <input type="hidden" name="sprache" value="1" />
<   <div align="left">
<     <a target="_blank" href="http://www.versatel.de";>
<       <img border="0" alt="http://www.versatel.de"; src="header_csa/header_img/Versatel-Logo-RGB.gif" style="padding: 0px 0px 0px 10px;"/>
<     </a>
<   </div>
<   <div id="EINGABE">
<     <div align="center">
<       Anmeldung f&uuml;r      <br />
<     </div>
<     <div align="center">
<       @sdla-ras    </div>
<     <div class="left width35" align="right">
<       Benutzername:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <input type="text" autocomplete="off" name="Username" value="" />
<     </div>
<     <br class="clear" />
<     <div class="left width35" align="right">
<       Passwort:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <input type="password" autocomplete="off" name="Password"  />
<     </div>
<     <br class="clear" />
<     <div class="left width35" align="right">
<       Sprache:&nbsp;&nbsp;
<     </div>
<     <div class="left">
<       <span class="cursor_hand" onclick="setButtonName('deutsch');">
<         <img src="images/de.gif" title="Spracheinstellung Deutsch" alt="de" />
<       </span>
<       &nbsp;&nbsp;&nbsp;&nbsp;
<       <span class="cursor_hand" onclick="setButtonName('english');">
<         <img src="images/en.gif" title="Language English" alt="en" />
<       </span>
<     </div>
<     <br class="clear" />
<     <div style="font-size:15pt" align="center">
<       &nbsp;
<     </div>
<     <div align="center">
<       <span class="cursor_hand" onclick="setButtonName('anmelden')">
<         Anmelden&nbsp;
<         <img src="images/pfeil_re.gif" alt="Anmelden" />
<       </span>
<     </div>
<     <div id="IMPRESSUM">
<       <a target="_blank" href="http://www.versatel.de/impressum";>
<         &nbsp;Impressum
<       </a>
<     </div> 
<   </div>
< </form>
< </div>
< </body>
< </html>
XML response has no "auth" node
Failed to obtain WebVPN cookie
POST https://gateway.remote.vpnserver.de/
Attempting to connect to server y.y.y.y:443
Socket connect canceled
Failed to connect to y.y.y.y:443: Interrupted system call
Failed to connect to host gateway.remote.vpnserver.de
Failed to open HTTPS connection to gateway.remote.vpnserver.de
Failed to obtain WebVPN cookie


Best Regards
Steffen Löser

-----Ursprüngliche Nachricht-----
Von: David Woodhouse [mailto:dwmw2@xxxxxxxxxxxxx] 
Gesendet: Mittwoch, 3. Juli 2019 21:15
An: Steffen Loeser; Daniel Lenski
Cc: openconnect-devel
Betreff: Re: AW: Skipt Phase 1 when connecting using openconnect

On Wed, 2019-07-03 at 20:43 +0200, Steffen Loeser wrote:
> As told before, the Authentication process has been defined
> absolutely independent and could be started from a different device.
> At the end, even the Cookie is not required to connect by openconnect
> - I just need to refer a server and a client certificate.
> 
> openconnect --certificate=clientcert.p12 --cafile=Server.crt gateway.vpnserver.de

Hm, what version of OpenConnect is this? I think this could well have
been fixed in 8.00.

If you are running that or newer, please show me the output after
adding --dump-http-traffic to the command line.



_______________________________________________
openconnect-devel mailing list
openconnect-devel@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/openconnect-devel




[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux