On Thu, 2019-07-04 at 09:58 +0200, Steffen Loeser wrote: > Hi Dan, > > That's why I was asking to skip this first phase totally. The > Anyconnect client (anyconnect-win-3.1.14018-mit_eToken.msi, probably > build by Versatel itself) connects to the VPN Server starting > directly with DTLS (UDP port 500 and some high port). > Cisco Client just needs the certificats which contain all information > where and how to connect. The Authentication had to be done first > using the WebUI prompt, the permission is then handled internally at > the VPN Servers. Ah, I don't think that's AnyConnect; I think it's IPSec. You want vpnc for that, although it's kind of unmaintained these days and we've been *talking* about adding IPSec support to OpenConnect. I don't think vpnc supports certificate auth.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
