Hi Daniel, On Mon, Nov 25, 2019 at 12:53 AM Daniel Lenski <dlenski@xxxxxxxxx> wrote: > > On Fri, Nov 22, 2019 at 1:10 AM Ruiyang Wu <ruiyangwu@xxxxxxxxxxxxxxxx> wrote: > > > > Hello, > > > > Here is the summary of my issue: > > 1. I ran openconnect on Windows Powershell (as admin) as follows: > > openconnect --protocol=gp --user=<USERNAME> vpn.****.com > > > > 2. Openconnect version: > > Using GnuTLS. Features present: PKCS#11, HOTP software token, > > TOTP software token, Yubikey OATH, System keys, DTLS, ESP > > Supported protocols: anyconnect (default), nc, gp, pulse > > > > You're missing the line that includes the actual OpenConnect version > number (e.g. 7.08, 8.05). What is it? > Sorry about that. It is v8.05. > > 3. Operating system: > > MSYS_NT-10.0-WOW 2.10.0(0.325/5/3) 2018-04-05 00:47 i686 Msys > > > > 4. I was able to connect to the VPN server, and get an ipv4 address: > > Connected to HTTPS on **.**.**.** > > GlobalProtect login returned authentication-source=** > > POST https://**.**.**.**/ssl-vpn/getconfig.esp > > Session will expire after 1440 minutes. > > Tunnel timeout (rekey interval) is 120 minutes. > > Idle timeout is 180 minutes. > > No MTU received. Calculated 1326 for ESP tunnel > > POST https://**.**.**.**/ssl-vpn/hipreportcheck.esp > > Connected as **.**.**.**, using SSL, with ESP in progress > > Microsoft (R) Windows Script Host Version 5.812 > > Copyright (C) Microsoft Corporation. All rights reserved. > > Microsoft (R) Windows Script Host Version 5.812 > > Copyright (C) Microsoft Corporation. All rights reserved. > > VPN Gateway: **.**.**.** > > Internal Address: **.**.**.** > > Internal Netmask: **.**.**.** > > Internal Gateway: **.**.**.** > > Interface: "Local Area Connection" > > MTU: 1326 > > Configuring "Local Area Connection" interface for Legacy IP... > > done. > > Configuring Legacy IP networks: > > Waiting for interface to come up... > > Waiting for interface to come up... > > Route configuration done. > > ESP session established with server > > ESP tunnel connected; exiting HTTPS mainloop. > > > > 5. The TAP adapter property in Windows control panel showed "no > > network access". And all the internet traffic seemed to avoid the TAP > > adapter so the result is like I was not using VPN at all. > > > > 6. Globalprotect GUI by Palo Alto Networks works fine. > > > > 6. I can use anyconnect VPN (from another VPN provider) with the same > > openconnect build on the same machine. > > > > 8. I also tried on macOS, the problem is the same. I actually could > > visit contents on the LAN of the VPN provider, but all other internet > > connection failed (I can't test this on Windows because of 5) > > What version of the Windows routing configuration script are you > using? (https://gitlab.com/openconnect/vpnc-scripts/blob/master/vpnc-script-win.js) I don't know the version number, but I got it from (http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script-win.js). Thanks, -- Ruiyang Wu _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
