On Thu, 2020-04-30 at 18:02 +0200, Thierry de Coulon wrote: > Hello, > > I have been using openconnect for some time to access a pulse server. > > Until today I have been using versions up to 8.02 with --juniper > The process involves creating the tunnel with openconnect, then accessing the > share with sbm. When I run > > <file browser> smb://<location>%5C<user>@<server>/ > > I get asked for the password and get access. > > Today I updated to 8.08 (Debian Buster backports) and found out this: > > with --protocol=pulse, the tunnel is created, but on smb access I never get > asked for the password, so I get no access. > > with --protocol=nc (which I understand to be same as --juniper) everything > works as before. > > Just wondering if this is the intended way it should work. That seems odd; there shouldn't be any difference. The only *expected* difference is that the older NC protocol only supports Legacy IP. Do you have any IPv6 configuration on the VPN when you connect with Pulse? I suspect there's some weirdness with DNS or routing — or perhaps the VPN MTU. Can you reproduce with smbclient on the command line and debugging enabled? And can you capture the traffic on the VPN interface while you try, so we can compare both nc and pulse modes?
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
