Connecting via NetworkManager uses gateway IP address instead of hostname. #4
Comments
hmmm.... I'm not sure if my initial assumption is correct.
For CLI:
|
You may be "first guinea pig", the first person besides me to actually build it successfully. 👍 I'm not 100% sure what's going on here, but it appears that the GUI client isn't handling the HIP report submission correctly. It must not be invoking it in the same way as the CLI client. I added the HIP report support very recently to the CLI (dlenski/openconnect@e4ef149), and I hadn't yet tested it with the NM GUI. It appears that your GP VPN doesn't actually require submission of the HIP report, because you're saying that the VPN connectivity works fine even though the server is telling you to submit the report:
You may want to try building Does it work if you use that earlier build of liboc? If so, then I need to go dive in and figure out what's different about the GUI's invocation of the HIP report check. |
I figured out the problem: the NM GUI does authentication and connection in separate phases, and my HIP report support wasn't taking this into account correct. This should be fixed with dlenski/openconnect@f9c36b4. Please rebuild liboc from there, and it should work. (Does for me…) |
This is wonderful news! Sorry I couldn't respond sooner. I'll be able to confirm functionality first thing in the morning. Thank you for looking into it! |
@beanaroo I'm sorry but I discovered another issue with the tap-dance of authentication, connection, and HIP report submission that means it probably won't work as-is. Try rebuilding this package with the latest commit (ab8ddf0), but I doubt this will actually be accepted by the OpenConnect bigwigs as-is… so I'll have to discuss how to solve this with them. |
Hi @dlenski, I'm excited to hear the project is now included in openconnect. 🎉 I'd like to close this issue if that's okay, I am unable to reproduce the initial report. :) |
Hi, first of all, thank you so much for providing us with the ability to connect to Global Protect VPNs natively.
Using the CLI works like a charm. I've built this plugin and installed it (after having to move some files around. Might open a separate issue).
Connection fails with SSL verification. I presume this is because when using the GUI:
Where as using the CLI:
I'm not sure if this is the right place to file the problem. I'm happy to move it to the appropriate issue tracker.
The text was updated successfully, but these errors were encountered: