On Wed, Oct 23, 2019 at 4:17 PM Adam Allgood <avram.meir@xxxxxxxxx> wrote: > > I have been using OpenConnect successfully for some time in an Ubuntu > Linux chroot on a chromebook, as this is the only way to authenticate > using a SmartCard into my office's Cisco VPN network on ChromeOS. > Starting in September, when I attempt to connect to the VPN, the > connection seems to work but I am no longer able to access anything on > the network. Your logs show that OpenConnect repeatedly tries to detect a live peer, and gives up after ~10 tries. Puzzlingly, it never attempts to *reply* to the DTLS DPD request. Are you saying that during the intervening ~300s, you can't access *anything* on the network? Can't even ping the DNS servers, or get packets back from them (e.g. `dig @10.90.110.51 @10.90.110.52 some.server.noaa.gov`) Questions: - What additional details do you get if you run with `-vvv --dump`? (much more verbose logging) - Does --no-dtls make any difference? - Have you tried building OpenConnect v8.05 from source? MTU detection is significantly improved, and this may make a difference. Thanks, Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
