On Tue, 2020-03-31 at 11:01 -0400, Tim Howard wrote: > On Sun, Mar 29, 2020 at 1:34 PM Tim Howard <tghoward@xxxxxxxxx> > wrote: > > > > Thank you both for your replies. Here's the result with just using > > the hostname: > > > > $ openconnect -C "DSID=aLongStringOfChars" --protocol=pulse > > myWorkplace.server.serv -v --os=win > > Attempting to connect to server 123.123.123.233:443 > > Connected to 123.123.123.233:443 > > SSL negotiation with myWorkplace.server.serv > > Connected to HTTPS on myWorkplace.server.serv > > Got HTTP response: HTTP/1.1 404 Not Found > > Transfer-Encoding: chunked > > Strict-Transport-Security: max-age=31536000 > > HTTP body chunked (-2) > > Unexpected 404 result from server > > Creating SSL connection failed > > > > > > ..so it looks like I get the same result doing it that way. Daniel, > > I > > don't have much hope that the network admins will enable legacy > > mode, > > but sometimes they surprise me. So if I continue to be roadblocked > > with pulse, I'll try to reach out to them. > > Tim > > Is there anything I can do/provide to help further along your work on > the pulse connection protocol? Or, perhaps, anything else I should > try? Can you stick a MITM proxy like http://david.woodhou.se/proxy.go in themiddle and watch what happens when the 'real' client connects? I think you don't have proper VPN here; you essentially only have port forwarding. We *do* have an idea how that works, and it would be possible to build a client for it but it doesn't fit well into the "VPN" model. It'd end up being a different application that just happens to use libopenconnect, I think.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
