On Debian, I am using the following command to connect to a vpn:
sudo openconnect --csd-wrapper=/usr/libexec/openconnect/csd-post.sh --verbose vpn.abc.com
It fails:
POST https://vpn.abc.com/
Attempting to connect to server x.x.30.23:443
Connected to x.x.30.23:443
SSL negotiation with vpn.abc.com
Connected to HTTPS on vpn.abc.com
Got HTTP response: HTTP/1.0 302 Found
Location: https://globalvpn.abc.com/vpn-mfa-ldap/
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
HTTP body length: (0)
POST https://globalvpn.abc.com/vpn-mfa-ldap/
Attempting to connect to server x.x.30.176:443
Connected to x.x.30.176:443
SSL negotiation with globalvpn.abc.com
Connected to HTTPS on globalvpn.abc.com
Got HTTP response: HTTP/1.0 302 Temporary moved
Set-Cookie: tg=0VlBOLU1GQS1MREFQ; path=/; secure
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Tue, 15 Dec 2020 08:18:22 GMT
X-Frame-Options: SAMEORIGIN
Location: /+webvpn+/index.html
HTTP body length: (0)
GET https://vpn.abc.com/
Attempting to connect to server x.x.30.23:443
Connected to x.x.30.23:443
SSL negotiation with vpn.abc.com
Connected to HTTPS on vpn.abc.com
Got HTTP response: HTTP/1.0 302 Found
Location: https://globalvpn.abc.com/vpn-mfa-ldap/
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
HTTP body length: (0)
GET https://globalvpn.abc.com/vpn-mfa-ldap/
Attempting to connect to server x.x.30.176:443
Connected to x.x.30.176:443
SSL negotiation with globalvpn.abc.com
Connected to HTTPS on globalvpn.abc.com
Got HTTP response: HTTP/1.0 302 Temporary moved
Set-Cookie: tg=0VlBOLU1GQS1MREFQ; path=/; secure
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Tue, 15 Dec 2020 08:18:25 GMT
X-Frame-Options: SAMEORIGIN
Location: /+webvpn+/index.html
HTTP body length: (0)
GET https://globalvpn.abc.com/+webvpn+/index.html
SSL negotiation with globalvpn.abc.com
Connected to HTTPS on globalvpn.abc.com
Got HTTP response: HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/xml
Cache-Control: max-age=0
Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
Set-Cookie: webvpn_as=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
Set-Cookie: webvpnlogin=1; secure
X-Frame-Options: SAMEORIGIN
X-Transcend-Version: 1
HTTP body chunked (-2)
GET https://globalvpn.abc.com/CACHE/sdesktop/install/binaries/sfinst
Got HTTP response: HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Tue, 15 Dec 2020 08:18:27 GMT
X-Frame-Options: SAMEORIGIN
HTTP body http 1.0 (-1)
SSL socket closed uncleanly
Unexpected 404 result from server
Failed to obtain WebVPN cookie
Yes, the /usr/libexec/openconnect/csd-post.sh file is present.
However, the same (almost) command (openconnect --csd-wrapper=/usr/lib/openconnect/csd-post.sh vpn.abc.com) gets me connected to the vpn when I am on Archlinux. Here's the link to the arch wiki.
I have used a dummy IP address and VPN server name in this post. Thanks in advance.
