Re: VPN seems to connect but fails to get a response from the peer

Adam Allgood <avram.meir@xxxxxxxxx> · Fri, 10 Jan 2020 13:38:29 -0500

David and Daniel,

I don't know if this will be helpful information or not in figuring
out my question, but here is the routing table information from
ChromeOS:

route [-4] [-6]
  Display the routing tables.
  Default is to show IPv4 [-4] rather than IPv6 [-6] routes.

crosh>  route -4
/0 [ ip -4 rule list ]
/1 0:   from all lookup local
/2 9:   from all lookup main
/3 10:  from all oif wlan0 lookup 1002
/4 10:  from 172.20.10.5/28 lookup 1002
/5 10:  from all iif wlan0 lookup 1002
/6 32765:       from all lookup 1002
/7 32766:       from all lookup main
/8 32767:       from all lookup default
/9
/10 [ ip -4 route show table main ]
/11 100.115.92.0/30 dev arcbr0 proto kernel scope link src 100.115.92.1
/12 100.115.92.8/30 dev arc_wlan0 proto kernel scope link src 100.115.92.9
/13 172.20.10.0/28 dev wlan0 proto kernel scope link src 172.20.10.5
/14
/15 [ ip -4 route show table 1002 ]
/16 default via 172.20.10.1 dev wlan0 metric 10

crosh> route -6
/0 [ ip -6 rule list ]
/1 0:   from all lookup local
/2 9:   from all lookup main
/3 10:  from all oif wlan0 lookup 1002
/4 10:  from fe80::9278:41ff:fe89:14f3/64 lookup 1002
/5 10:  from 2600:380:1973:7471:58fb:d58c:27d5:a1d3/64 lookup 1002
/6 10:  from 2600:380:1973:7471:9278:41ff:fe89:14f3/64 lookup 1002
/7 10:  from all iif wlan0 lookup 1002
/8 32765:       from all lookup 1002
/9 32766:       from all lookup main
/10
/11 [ ip -6 route show table main ]
/12 2600:380:1973:7471::/64 dev arc_wlan0 metric 1024  pref medium
/13 fe80::/64 dev arc_wlan0 proto kernel metric 256  pref medium
/14 fe80::/64 dev veth_wlan0 proto kernel metric 256  pref medium
/15 fe80::/64 dev arcbr0 proto kernel metric 256  pref medium
/16 fe80::/64 dev veth_arc0 proto kernel metric 256  pref medium
/17
/18 [ ip -6 route show table 1002 ]
/19 2600:380:1973:7471::/64 dev wlan0 proto kernel metric 256  mtu
1410 pref medium
/20 fe80::/64 dev wlan0 proto kernel metric 256  mtu 1410 pref medium
/21 default via fe80::460:74dc:d7c5:5e7f dev wlan0 proto ra metric 10
pref medium

These outputs did not seem to change whether I was connected to the VPN or not.

On Thu, Jan 9, 2020 at 11:17 PM Adam Allgood <avram.meir@xxxxxxxxx> wrote:
>
> Hello again David and Daniel,
>
> I opened a GitHub issue on the crouton project describing this problem
> to see if anyone there had any insights. A fellow responded that he
> had the same connectivity issues (using vpnc), and solved it. He
> wrote:
>
> ------
>
> Ah-ha! It's taken a while, but it looks like ChromeOS has changed
> where the routing information is stored in the latest versions of
> Chrome. By default, your VPN client likely tries to put the routing
> information into the default routing table, but ChromeOS actually uses
> table 1002 (not sure if that's standard across all installs, but
> that's where my system is putting them).
>
> I'm using vpnc, so the following post connect actions work:
>
> ip route del default dev ${TUNDEV}
> ip route add **NETWORK/MASK** dev ${TUNDEV} table 1002
>
> ------
>
> Unfortunately I do not understand much of what this means, and those
> commands did not work (**NETWORK/MASK** is invalid). Do you know how I
> could direct openconnect to put the routing information into a
> different table (e.g., 1002)?
>
> Thanks so much!
> Adam
>
>
> On Wed, Dec 18, 2019 at 7:04 PM Adam Allgood <avram.meir@xxxxxxxxx> wrote:
> >
> > A sample of sudo tcpdump -i any from my PC running Ubuntu when
> > successfully connected to the VPN (NOTE - I am accessing the machine
> > via Chrome remote desktop):
> >
> > 18:59:18.810613 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 38
> > 18:59:18.815978 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 93
> > 18:59:18.817385 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817422 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817462 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817479 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817505 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817537 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817569 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817589 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817616 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817644 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817691 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817739 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817884 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817911 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817944 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817967 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.817993 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.818009 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.821944 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1139
> > 18:59:18.821966 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.821983 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822010 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822037 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822066 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822094 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822137 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822171 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822248 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822265 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822289 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822310 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822338 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822375 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822395 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.822509 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826663 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826734 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826779 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826817 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826867 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826905 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.826955 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.827007 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.827044 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.827088 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1140
> > 18:59:18.844509 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 93
> >
> > It has a lot of this, with a long string of length 1161, and some
> > shorter length. Then this:
> >
> > 18:59:18.909502 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.909561 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.909604 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.909645 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.909680 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.909725 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 1162
> > 18:59:18.917401 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 70
> > 18:59:18.961249 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 86
> > 18:59:19.152803 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 102
> > 18:59:19.275510 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 90
> > 18:59:19.313553 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 102
> > 18:59:19.739364 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 70
> > 18:59:19.786726 IP 192.168.56.141.52216 > 10.90.110.51.domain: 11316+
> > PTR? 202.1.168.192.in-addr.arpa. (44)
> > 18:59:19.786807 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:19.799656 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 173
> > 18:59:19.799717 IP 10.90.110.51.domain > 192.168.56.141.52216: 11316
> > NXDomain 0/1/0 (79)
> > 18:59:19.799839 IP 192.168.56.141.45494 > 10.90.110.51.domain: 34898+
> > PTR? 197.1.168.192.in-addr.arpa. (44)
> > 18:59:19.799865 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:19.812120 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 173
> > 18:59:19.812194 IP 10.90.110.51.domain > 192.168.56.141.45494: 34898
> > NXDomain 0/1/0 (79)
> > 18:59:20.041334 ARP, Request who-has 192.168.1.202 (48:e2:44:80:1e:eb
> > (oui Unknown)) tell 192.168.1.1, length 46
> > 18:59:20.041358 ARP, Reply 192.168.1.202 is-at 48:e2:44:80:1e:eb (oui
> > Unknown), length 28
> > 18:59:20.058468 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 100
> > 18:59:20.080557 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 64
> > 18:59:20.084841 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 70
> > 18:59:20.104805 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 90
> > 18:59:20.279707 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 96
> > 18:59:20.280048 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 64
> > 18:59:20.697975 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 102
> > 18:59:20.809886 IP 192.168.56.141.59956 > 10.90.110.51.domain: 20623+
> > PTR? 51.110.90.10.in-addr.arpa. (43)
> > 18:59:20.810021 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:20.820289 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 221
> > 18:59:20.820460 IP 10.90.110.51.domain > 192.168.56.141.59956: 20623
> > NXDomain* 0/1/0 (139)
> > 18:59:20.820731 IP 192.168.56.141.37441 > 10.90.110.51.domain: 41176+
> > PTR? 141.56.168.192.in-addr.arpa. (45)
> > 18:59:20.820857 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:20.839814 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 173
> > 18:59:20.839976 IP 10.90.110.51.domain > 192.168.56.141.37441: 41176
> > NXDomain 0/1/0 (80)
> > 18:59:20.840313 IP 192.168.56.141.46710 > 10.90.110.51.domain: 32975+
> > PTR? 186.73.90.140.in-addr.arpa. (44)
> > 18:59:20.840440 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:20.853943 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 189
> > 18:59:20.854110 IP 10.90.110.51.domain > 192.168.56.141.46710: 32975
> > NXDomain 0/1/0 (109)
> > 18:59:20.854492 IP 192.168.56.141.39237 > 10.90.110.51.domain: 41073+
> > PTR? 1.1.168.192.in-addr.arpa. (42)
> > 18:59:20.854586 IP 192.168.1.202.52390 > 140.90.73.186.443: UDP, length 125
> > 18:59:20.868620 IP 140.90.73.186.443 > 192.168.1.202.52390: UDP, length 157
> > 18:59:20.868787 IP 10.90.110.51.domain > 192.168.56.141.39237: 41073
> > NXDomain 0/1/0 (77)
> > 18:59:20.897173 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 93
> > 18:59:20.900585 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 381
> > 18:59:20.974134 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 38
> > 18:59:21.137589 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 65
> > 18:59:21.383239 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 90
> > 18:59:21.976172 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 102
> > 18:59:22.564374 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 100
> > 18:59:22.566561 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 64
> > 18:59:22.748793 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 90
> > 18:59:22.764725 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 22
> > 18:59:22.774219 IP 192.168.1.197.45525 > 192.168.1.202.41357: UDP, length 96
> > 18:59:22.774545 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 64
> > 18:59:22.795977 IP 192.168.1.202.41357 > 192.168.1.197.45525: UDP, length 102
> >
> > Can you shed any light on what might be going on here vs. when
> > attempting to connect in my crouton chroot?
> >
> > Thanks so much!
> >
> > On Tue, Dec 17, 2019 at 10:47 PM Adam Allgood <avram.meir@xxxxxxxxx> wrote:
> > >
> > > On Tue, Dec 17, 2019 at 5:24 AM David Woodhouse <dwmw2@xxxxxxxxxxxxx> wrote:
> > > >
> > > > Perhaps the server is in a round-robin DNS and you really are getting
> > > > different servers (hence difference certificate fingerprints) every
> > > > time. You'd do better to *fix* the certificate problem. Can't you
> > > > install the appropriate SSL CA so that they're properly trusted?
> > >
> > > I will put in a ticket with my IT networking folks, but unfortunately
> > > they are beyond swamped and this issue will likely be extremely low
> > > priority for them since the majority of users can access the VPN with
> > > no problems.
> > >
> > > > Or maybe it's something going wrong with the routing setup. Maybe your
> > > > *outbound* packets aren't actually reaching the VPN server? Or the
> > > > inbound packets on the public network are being firewalled locally and
> > > > not reaching openconnect?
> > > >
> > > > Can you get a packet capture on your local network to correlate with a
> > > > DTLS send/receive debug log like the ones you showed before? And can
> > > > you show the output of 'ip route' before and after connecting?
> > > >
> > >
> > > I connected while running sudo tcpdump -i any, which produced a
> > > humongous file. Here is a sample of the output (trying to find where
> > > the connection to the VPN is made):
> > >
> > > 22:32:51.058707 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6565:6577, ack 15694, win 350, options [nop,nop,TS val 32971139 ecr
> > > 32971139], length 12
> > > 22:32:51.094305 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15694:15722, ack 6577, win 3635, options [nop,nop,TS val 32971175 ecr
> > > 32971139], length 28
> > > 22:32:51.094520 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6577:6589, ack 15722, win 350, options [nop,nop,TS val 32971175 ecr
> > > 32971175], length 12
> > > 22:32:51.130243 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15722:15750, ack 6589, win 3635, options [nop,nop,TS val 32971211 ecr
> > > 32971175], length 28
> > > 22:32:51.130456 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6589:6601, ack 15750, win 350, options [nop,nop,TS val 32971211 ecr
> > > 32971211], length 12
> > > 22:32:51.166144 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15750:15778, ack 6601, win 3635, options [nop,nop,TS val 32971247 ecr
> > > 32971211], length 28
> > > 22:32:51.166362 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6601:6613, ack 15778, win 350, options [nop,nop,TS val 32971247 ecr
> > > 32971247], length 12
> > > 22:32:51.201903 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15778:15806, ack 6613, win 3635, options [nop,nop,TS val 32971282 ecr
> > > 32971247], length 28
> > > 22:32:51.205718 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6613:6625, ack 15806, win 350, options [nop,nop,TS val 32971286 ecr
> > > 32971282], length 12
> > > 22:32:51.223364 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15806:15834, ack 6625, win 3635, options [nop,nop,TS val 32971304 ecr
> > > 32971286], length 28
> > > 22:32:51.223599 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6625:6637, ack 15834, win 350, options [nop,nop,TS val 32971304 ecr
> > > 32971304], length 12
> > > 22:32:51.259141 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15834:15862, ack 6637, win 3635, options [nop,nop,TS val 32971340 ecr
> > > 32971304], length 28
> > > 22:32:51.259406 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6637:6649, ack 15862, win 350, options [nop,nop,TS val 32971340 ecr
> > > 32971340], length 12
> > > 22:32:51.294607 IP localhost.43934 > localhost.30011: Flags [P.], seq
> > > 15862:15890, ack 6649, win 3635, options [nop,nop,TS val 32971375 ecr
> > > 32971340], length 28
> > > 22:32:51.294820 IP localhost.30011 > localhost.43934: Flags [P.], seq
> > > 6649:6661, ack 15890, win 350, options [nop,nop,TS val 32971375 ecr
> > > 32971375], length 12
> > > 22:32:51.316029 IP6 :: > ff02::16: HBH ICMP6, multicast listener
> > > report v2, 1 group record(s), length 28
> > > 22:32:51.329336 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 141
> > > 22:32:51.329363 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 221
> > > 22:32:51.329380 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 301
> > > 22:32:51.329396 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 381
> > > 22:32:51.329413 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 461
> > > 22:32:51.329430 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 541
> > > 22:32:51.329447 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 621
> > > 22:32:51.329465 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 701
> > > 22:32:51.329483 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 781
> > > 22:32:51.329502 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 861
> > > 22:32:51.329521 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 941
> > > 22:32:51.329541 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 1021
> > > 22:32:51.329561 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 1101
> > > 22:32:51.329581 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 1181
> > > 22:32:51.329602 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 1261
> > > 22:32:51.329623 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 1341
> > > 22:32:51.329647 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, bad
> > > length 1421 > 1376
> > > 22:32:51.329648 IP 192.168.1.197 > 140.90.73.186: udp
> > > 22:32:51.329677 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, bad
> > > length 1469 > 1376
> > > 22:32:51.329679 IP 192.168.1.197 > 140.90.73.186: udp
> > > 22:32:51.329686 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 125
> > > 22:32:51.329714 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, bad
> > > length 1469 > 1376
> > > 22:32:51.329716 IP 192.168.1.197 > 140.90.73.186: udp
> > >
> > > I get a lot of this, and then it settles into this pattern:
> > >
> > > 22:33:21.461356 IP 192.168.1.197 > 140.90.73.186: udp
> > > 22:33:21.461360 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 173
> > > 22:33:21.461364 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 253
> > > 22:33:21.461369 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 333
> > > 22:33:21.461373 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 413
> > > 22:33:21.461377 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 493
> > > 22:33:21.461382 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 573
> > > 22:33:21.461388 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 653
> > > 22:33:21.461393 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 733
> > > 22:33:21.461399 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 813
> > > 22:33:21.461444 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, bad
> > > length 1469 > 1376
> > > 22:33:21.461445 IP 192.168.1.197 > 140.90.73.186: udp
> > > 22:33:21.461450 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 173
> > > 22:33:21.461454 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 253
> > > 22:33:21.461459 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 333
> > > 22:33:21.461464 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 413
> > > 22:33:21.461470 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 493
> > > 22:33:21.461475 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 573
> > > 22:33:21.461481 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 653
> > > 22:33:21.461488 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 733
> > > 22:33:21.461495 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, length 813
> > > 22:33:21.461523 IP 192.168.1.197.41287 > 140.90.73.186.443: UDP, bad
> > > length 1469 > 1376
> > > 22:33:21.461524 IP 192.168.1.197 > 140.90.73.186: udp
> > >
> > > Is this helpful? I'll see if I can capture packets on my Xubuntu
> > > system that connects successfully, and email samples separately.
> > >
> > > As for ip route, before connecting to vpn:
> > >
> > > (bionic)avrammeir@localhost:~$ ip route
> > > 100.115.92.0/30 dev arcbr0 proto kernel scope link src 100.115.92.1
> > > 100.115.92.8/30 dev arc_wlan0 proto kernel scope link src 100.115.92.9
> > > 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.197
> > >
> > > And after connecting (I did this in a separate connection attempt from
> > > the packet captures):
> > >
> > > (bionic)avrammeir@localhost:~$ ip route
> > > default dev tun0 scope link
> > > 100.115.92.0/30 dev arcbr0 proto kernel scope link src 100.115.92.1
> > > 100.115.92.8/30 dev arc_wlan0 proto kernel scope link src 100.115.92.9
> > > 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.197
> > > 192.168.56.0/24 dev tun0 scope link
> > >
> > > Thank you!
> > > Adam

_______________________________________________
openconnect-devel mailing list
openconnect-devel@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/openconnect-devel