Hi Dan, That's why I was asking to skip this first phase totally. The Anyconnect client (anyconnect-win-3.1.14018-mit_eToken.msi, probably build by Versatel itself) connects to the VPN Server starting directly with DTLS (UDP port 500 and some high port). Cisco Client just needs the certificats which contain all information where and how to connect. The Authentication had to be done first using the WebUI prompt, the permission is then handled internally at the VPN Servers. Best Regards Steffen Löser -----Ursprüngliche Nachricht----- Von: Daniel Lenski [mailto:dlenski@xxxxxxxxx] Gesendet: Donnerstag, 4. Juli 2019 01:03 An: Steffen Loeser Cc: David Woodhouse; openconnect-devel Betreff: Re: AW: Skipt Phase 1 when connecting using openconnect On Wed, Jul 3, 2019 at 1:20 PM Steffen Loeser <s.loeser@xxxxxxxxx> wrote: > > Hi, > > I updated openconnect but still the same : Ummm… are you *certain* that this is a Cisco AnyConnect VPN server? Nothing in the headers or HTML content that you sent suggests that it is a Cisco AnyConnect VPN server. In particular the cookie names and PHP-related headers are unlike any Cisco server I've ever seen. It also does not look like a Juniper or Pulse or GlobalProtect VPN server (the other protocols supported by OpenConnect). This appears to be a login form for some kind of SSL-VPN server, but not one of the types that OpenConnect supports… My guess is that it's another flavor of SSL VPN server made by Versatel.de, but that's just a guess based on the links in the HTML. I've never seen or heard of this brand of SSL VPN software before. Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
