On Thu, Apr 30, 2020 at 11:19 AM Thierry de Coulon <tcoulon@xxxxxxxxxxx> wrote: > (pulse mode) > > If I start my file manager (I use TDE's konqueror for this) the program opens > but no password is asked. Can you access *other* resources on the network, e.g. websites? > root@junior:/home/thierry# openconnect --protocol=nc https://school.gyb.ch > GET https://school.gyb.ch/ > Connected to 46.245.150.135:443 > SSL negotiation with school.gyb.ch > Connected to HTTPS on school.gyb.ch with ciphersuite > (TLS1.2)-(RSA)-(AES-128-GCM) > Got HTTP response: HTTP/1.1 302 Found > GET https://school.gyb.ch/dana-na/auth/url_1/welcome.cgi > SSL negotiation with school.gyb.ch > Connected to HTTPS on school.gyb.ch with ciphersuite > (TLS1.2)-(RSA)-(AES-128-GCM) > frmLogin > username:<username> > password:<password> > POST https://school.gyb.ch/dana-na/auth/url_1/login.cgi > Got HTTP response: HTTP/1.1 302 Moved > GET https://school.gyb.ch/dana/home/index.cgi > Connected as 10.1.248.7, using SSL, with ESP in progress > > This time the password is asked and I get in. Compare your routing table (`ip route`) and DNS servers (`cat /etc/resolv.conf`) after connecting to the Pulse and Juniper versions. What are the differences? > What I notice is that the first time I get "Switching Protocols". This is a completely normal part of the Pulse protocol. > Unfortunately I have no real information as to how the server works. Users are > instructed to use the pulse software and all we are given are user name and > password. I thought it would be better to use the pulse protocol but as long > as nc works... Yeah, it's useful to get feedback about servers where Pulse works, but ultimately if they both work… there is little-to-no functional difference between the two. (Pulse supports IPv6, unlike Juniper, but that doesn't appear relevant for your VPN.) -Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
