Can connect to Globalprotect VPN but no network access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

Here is the summary of my issue:
1. I ran openconnect on Windows Powershell (as admin) as follows:
       openconnect --protocol=gp --user=<USERNAME> vpn.****.com

2. Openconnect version:
       Using GnuTLS. Features present: PKCS#11, HOTP software token,
TOTP software token, Yubikey OATH, System keys, DTLS, ESP
Supported protocols: anyconnect (default), nc, gp, pulse

3. Operating system:
       MSYS_NT-10.0-WOW  2.10.0(0.325/5/3) 2018-04-05 00:47 i686 Msys

4. I was able to connect to the VPN server, and get an ipv4 address:
Connected to HTTPS on **.**.**.**
 GlobalProtect login returned authentication-source=**
 POST https://**.**.**.**/ssl-vpn/getconfig.esp
 Session will expire after 1440 minutes.
 Tunnel timeout (rekey interval) is 120 minutes.
 Idle timeout is 180 minutes.
 No MTU received. Calculated 1326 for ESP tunnel
 POST https://**.**.**.**/ssl-vpn/hipreportcheck.esp
 Connected as **.**.**.**, using SSL, with ESP in progress
 Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.
Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.
VPN Gateway: **.**.**.**
Internal Address: **.**.**.**
Internal Netmask: **.**.**.**
Internal Gateway: **.**.**.**
Interface: "Local Area Connection"
MTU: 1326
Configuring "Local Area Connection" interface for Legacy IP...
done.
Configuring Legacy IP networks:
Waiting for interface to come up...
Waiting for interface to come up...
Route configuration done.
ESP session established with server
 ESP tunnel connected; exiting HTTPS mainloop.

5. The TAP adapter property in Windows control panel showed "no
network access". And all the internet traffic seemed to avoid the TAP
adapter so the result is like I was not using VPN at all.

6. Globalprotect GUI by Palo Alto Networks works fine.

6. I can use anyconnect VPN (from another VPN provider) with the same
openconnect build on the same machine.

8. I also tried on macOS, the problem is the same. I actually could
visit contents on the LAN of the VPN provider, but all other internet
connection failed (I can't test this on Windows because of 5)

Thanks,
-- 
Ruiyang Wu

_______________________________________________
openconnect-devel mailing list
openconnect-devel@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/openconnect-devel
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux