Re: NetworkManager-openconnect multiple VPN Hosts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 2020-04-02 at 15:20 +0200, Grant Williamson wrote:
> Is there a way to specify multiple VPN hosts in the
> NetworkManager-openconnect system-connections profile?
> 
> I can see there is a drop down menu option in the connection dialog,
> wondering how to add multiple hosts(if possible)?

It gets them out of the XML profile which is provided from the
AnyConnect server.

The xmlconfig key in the VPN date contains that XML, base64-encoded.
Make it look like an AnyConnect profile file. So something like...

<AnyConnectProfile>
  <ServerList>
    <HostEntry>
      <HostName>My First Server</HostName>
      <HostAddress>vpn1.example.com</HostAddress>
    </HostEntry>
    <HostEntry>
      <HostName>My Second Server</HostName>
      <HostAddress>vpn2.example.com</HostAddress>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>

...would base64-encode to:

PEFueUNvbm5lY3RQcm9maWxlPgogIDxTZXJ2ZXJMaXN0PgogICAgPEhvc3RFbnRyeT4KICAgICAg
PEhvc3ROYW1lPk15IEZpcnN0IFNlcnZlcjwvSG9zdE5hbWU+CiAgICAgIDxIb3N0QWRkcmVzcz52
cG4xLmV4YW1wbGUuY29tPC9Ib3N0QWRkcmVzcz4KICAgIDwvSG9zdEVudHJ5PgogICAgPEhvc3RF
bnRyeT4KICAgICAgPEhvc3ROYW1lPk15IFNlY29uZCBTZXJ2ZXI8L0hvc3ROYW1lPgogICAgICA8
SG9zdEFkZHJlc3M+dnBuMi5leGFtcGxlLmNvbTwvSG9zdEFkZHJlc3M+CiAgICA8L0hvc3RFbnRy
eT4KICA8L1NlcnZlckxpc3Q+CjwvQW55Q29ubmVjdFByb2ZpbGU+Cg==

So if I change one of my test connections...

nmcli con modify 'Pulse' vpn.secrets "xmlconfig=PEFueUNvbm5lY3RQcm9maWxlPgogIDxTZXJ2ZXJMaXN0PgogICAgPEhvc3RFbnRyeT4KICAgICAgPEhvc3ROYW1lPk15IEZpcnN0IFNlcnZlcjwvSG9zdE5hbWU+CiAgICAgIDxIb3N0QWRkcmVzcz52cG4xLmV4YW1wbGUuY29tPC9Ib3N0QWRkcmVzcz4KICAgIDwvSG9zdEVudHJ5PgogICAgPEhvc3RFbnRyeT4KICAgICAgPEhvc3ROYW1lPk15IFNlY29uZCBTZXJ2ZXI8L0hvc3ROYW1lPgogICAgICA8SG9zdEFkZHJlc3M+dnBuMi5leGFtcGxlLmNvbTwvSG9zdEFkZHJlc3M+CiAgICA8L0hvc3RFbnRyeT4KICA8L1NlcnZlckxpc3Q+CjwvQW55Q29ubmVjdFByb2ZpbGU+Cg=="


... and try to connect it it...

Yep, that works.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openconnect-devel mailing list
openconnect-devel@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/openconnect-devel
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux