Hi, I updated openconnect but still the same : POST https://remote.vpnserver.de/sdla-ras Attempting to connect to server x.x.x.x:443 Connected to x.x.x.x:443 SSL negotiation with remote.vpnserver.de Server certificate verify failed: self signed certificate in certificate chain Connected to HTTPS on remote.vpnserver.de > POST /sdla-ras HTTP/1.1 > Host: remote.vpnserver.de > User-Agent: Open AnyConnect VPN Agent v8.03 > Accept: */* > Accept-Encoding: identity > X-Transcend-Version: 1 > X-Aggregate-Auth: 1 > X-AnyConnect-Platform: linux-64 > X-Support-HTTP-Auth: true > X-Pad: 00000000000000000000000000000000000000 > Content-Type: application/x-www-form-urlencoded > Content-Length: 218 > > <?xml version="1.0" encoding="UTF-8"?> > <config-auth client="vpn" type="init"><version who="vpn">v8.03</version><device-id>linux-64</device-id><group-access>https://remote.vpnserver.de/sdla-ras</group-access></config-auth> Got HTTP response: HTTP/1.1 200 OK Date: Wed, 03 Jul 2019 20:15:01 GMT X-Powered-By: PHP/5.3.3 Content-Length: 3251 Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5; Path=/ HTTP body length: (3251) < <!DOCTYPE html> < <html> < <head> < <title>1&1 Versatel - VPN Authentifizierung</title> < <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> < <meta http-equiv="Content-Style-Type" content="text/css" /> < <meta http-equiv="cache-control" content="no-cache" /> < <meta http-equiv="pragma" content="no-cache" /> < <meta name="Author" content="1&1 Versatel Deutschland GmbH" /> < <meta name="robots" content="noindex,nofollow,noarchive" /> < <link rel="stylesheet" type="text/css" href="style.css" /> < <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" /> < <link rel="icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" /> < < <script type="text/javascript"> < < function setButtonName (txt) { < /* < Aktion speichern < nur submit, wenn Username und Passwort vorhanden < */ < var kommando = txt; < document.loginform.aktion.value = kommando; < if ( kommando == 'anmelden' ) { < if ( document.loginform.Username.value == '' ) { < alert ("Sie haben keinen Usernamen eingegeben"); < return; < } < if ( document.loginform.Password.value == '' ) { < alert ("Sie haben kein Passwort eingegeben"); < return; < } < } < document.loginform.submit(); < } < < </script> < < </head> < < <body"> < <br /><br /> < <div id="TWO_WAY_AUTH"> < <form id="loginform" name="loginform" action="login_2_wege_page.php?Realm=sdla-ras" method="post" autocomplete="off"> < <input type="hidden" name="aktion" /> < <input type="hidden" name="sprache" value="1" /> < <div align="left"> < <a target="_blank" href="http://www.versatel.de";> < <img border="0" alt="http://www.versatel.de"; src="header_csa/header_img/Versatel-Logo-RGB.gif" style="padding: 0px 0px 0px 10px;"/> < </a> < </div> < <div id="EINGABE"> < <div align="center"> < Anmeldung für <br /> < </div> < <div align="center"> < @sdla-ras </div> < <div class="left width35" align="right"> < Benutzername: < </div> < <div class="left"> < <input type="text" autocomplete="off" name="Username" value="" /> < </div> < <br class="clear" /> < <div class="left width35" align="right"> < Passwort: < </div> < <div class="left"> < <input type="password" autocomplete="off" name="Password" /> < </div> < <br class="clear" /> < <div class="left width35" align="right"> < Sprache: < </div> < <div class="left"> < <span class="cursor_hand" onclick="setButtonName('deutsch');"> < <img src="images/de.gif" title="Spracheinstellung Deutsch" alt="de" /> < </span> < < <span class="cursor_hand" onclick="setButtonName('english');"> < <img src="images/en.gif" title="Language English" alt="en" /> < </span> < </div> < <br class="clear" /> < <div style="font-size:15pt" align="center"> < < </div> < <div align="center"> < <span class="cursor_hand" onclick="setButtonName('anmelden')"> < Anmelden < <img src="images/pfeil_re.gif" alt="Anmelden" /> < </span> < </div> < <div id="IMPRESSUM"> < <a target="_blank" href="http://www.versatel.de/impressum";> < Impressum < </a> < </div> < </div> < </form> < </div> < </body> < </html> XML response has no "auth" node GET https://remote.vpnserver.de/sdla-ras Attempting to connect to server x.x.x.x:443 Connected to x.x.x.x:443 SSL negotiation with remote.vpnserver.de Server certificate verify failed: self signed certificate in certificate chain Connected to HTTPS on remote.vpnserver.de > GET /sdla-ras HTTP/1.1 > Host: remote.vpnserver.de > User-Agent: Open AnyConnect VPN Agent v8.03 > Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5 > Accept: */* > Accept-Encoding: identity > X-Transcend-Version: 1 > X-Support-HTTP-Auth: true > Got HTTP response: HTTP/1.1 200 OK Date: Wed, 03 Jul 2019 20:15:01 GMT X-Powered-By: PHP/5.3.3 Content-Length: 3251 Connection: close Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: TS01a3b48b=0195ed2da393ec9a53f245346927ead98e805380d2087bef60ad5b9ca8a49774654d40cf74805d2a666b2aaee3febf17ba63bc74c5; Path=/ HTTP body length: (3251) < <!DOCTYPE html> < <html> < <head> < <title>1&1 Versatel - VPN Authentifizierung</title> < <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> < <meta http-equiv="Content-Style-Type" content="text/css" /> < <meta http-equiv="cache-control" content="no-cache" /> < <meta http-equiv="pragma" content="no-cache" /> < <meta name="Author" content="1&1 Versatel Deutschland GmbH" /> < <meta name="robots" content="noindex,nofollow,noarchive" /> < <link rel="stylesheet" type="text/css" href="style.css" /> < <link rel="shortcut icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" /> < <link rel="icon" type="image/vnd.microsoft.icon" href="favicon.ico?v=2" /> < < <script type="text/javascript"> < < function setButtonName (txt) { < /* < Aktion speichern < nur submit, wenn Username und Passwort vorhanden < */ < var kommando = txt; < document.loginform.aktion.value = kommando; < if ( kommando == 'anmelden' ) { < if ( document.loginform.Username.value == '' ) { < alert ("Sie haben keinen Usernamen eingegeben"); < return; < } < if ( document.loginform.Password.value == '' ) { < alert ("Sie haben kein Passwort eingegeben"); < return; < } < } < document.loginform.submit(); < } < < </script> < < </head> < < <body"> < <br /><br /> < <div id="TWO_WAY_AUTH"> < <form id="loginform" name="loginform" action="login_2_wege_page.php?Realm=sdla-ras" method="post" autocomplete="off"> < <input type="hidden" name="aktion" /> < <input type="hidden" name="sprache" value="1" /> < <div align="left"> < <a target="_blank" href="http://www.versatel.de";> < <img border="0" alt="http://www.versatel.de"; src="header_csa/header_img/Versatel-Logo-RGB.gif" style="padding: 0px 0px 0px 10px;"/> < </a> < </div> < <div id="EINGABE"> < <div align="center"> < Anmeldung für <br /> < </div> < <div align="center"> < @sdla-ras </div> < <div class="left width35" align="right"> < Benutzername: < </div> < <div class="left"> < <input type="text" autocomplete="off" name="Username" value="" /> < </div> < <br class="clear" /> < <div class="left width35" align="right"> < Passwort: < </div> < <div class="left"> < <input type="password" autocomplete="off" name="Password" /> < </div> < <br class="clear" /> < <div class="left width35" align="right"> < Sprache: < </div> < <div class="left"> < <span class="cursor_hand" onclick="setButtonName('deutsch');"> < <img src="images/de.gif" title="Spracheinstellung Deutsch" alt="de" /> < </span> < < <span class="cursor_hand" onclick="setButtonName('english');"> < <img src="images/en.gif" title="Language English" alt="en" /> < </span> < </div> < <br class="clear" /> < <div style="font-size:15pt" align="center"> < < </div> < <div align="center"> < <span class="cursor_hand" onclick="setButtonName('anmelden')"> < Anmelden < <img src="images/pfeil_re.gif" alt="Anmelden" /> < </span> < </div> < <div id="IMPRESSUM"> < <a target="_blank" href="http://www.versatel.de/impressum";> < Impressum < </a> < </div> < </div> < </form> < </div> < </body> < </html> XML response has no "auth" node Failed to obtain WebVPN cookie POST https://gateway.remote.vpnserver.de/ Attempting to connect to server y.y.y.y:443 Socket connect canceled Failed to connect to y.y.y.y:443: Interrupted system call Failed to connect to host gateway.remote.vpnserver.de Failed to open HTTPS connection to gateway.remote.vpnserver.de Failed to obtain WebVPN cookie Best Regards Steffen Löser -----Ursprüngliche Nachricht----- Von: David Woodhouse [mailto:dwmw2@xxxxxxxxxxxxx] Gesendet: Mittwoch, 3. Juli 2019 21:15 An: Steffen Loeser; Daniel Lenski Cc: openconnect-devel Betreff: Re: AW: Skipt Phase 1 when connecting using openconnect On Wed, 2019-07-03 at 20:43 +0200, Steffen Loeser wrote: > As told before, the Authentication process has been defined > absolutely independent and could be started from a different device. > At the end, even the Cookie is not required to connect by openconnect > - I just need to refer a server and a client certificate. > > openconnect --certificate=clientcert.p12 --cafile=Server.crt gateway.vpnserver.de Hm, what version of OpenConnect is this? I think this could well have been fixed in 8.00. If you are running that or newer, please show me the output after adding --dump-http-traffic to the command line. _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
