Wow - that was so fast. openconnect isn’t broken and is behaving as expected for the operating system. I didn’t even give this a thought when I added a route sudo route add -net 10.1.135.64/29 dev tun0 and of course I this would have been rejected with 10.1.135.65/29 I’m a bit embarassed I didn’t spot this myself. I never picked though which routes weren’t being accepted, and this had been functioning on the other platforms (at least on MacOS). I see that on the PaloAlto, I never specifed networks (i.e 192.168.1.0/29) for some if the small DMZs - only the interface for it. This is an easy fix Thank You so much Dan I would like to pay it forward. If you’d like to troubeleshoot those unexpected argument values, I want to help. - grant _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
