Hi,
I can get openconnect VPN to work unfortunately I can't seem to get it to work via NetworkManager.
Versions
openconnect 1:5.01-1
networkmanager 0.9.8.8-1
Would love to get openconnect to work via NM.
To connect using openconnect only I use (as root):
openconnect --user=exampleusername --no-dtls --no-xmlpost --authgroup='SomeGroup' --no-cert-check --csd-wrapper=/home/homedir/.cisco/csd-wrapper.sh
correctfqdn.somewhere.co.za
(Doing the above without the --no-dtls and --no-xmlpost options still connect and get an IP but just give a few errors 'DTLS handshake failed: Resource temporarily unavailable, try again.')
This connects fine.
Using this NM connection I get an error after trying to input authentication details:
---
cat /etc/NetworkManager/system-connections/EgConnection
[connection]
id=EgConnection
uuid=ed432bd4-9078-493d-a9c3-fb7ac4199917
type=vpn
autoconnect=false
[vpn]
service-type=org.freedesktop.NetworkManager.openconnect
enable_csd_trojan=yes
xmlconfig-flags=0
pem_passphrase_fsid=no
gwcert-flags=2
gateway-flags=2
autoconnect-flags=0
lasthost-flags=0
certsigs-flags=0
cookie-flags=2
csd_wrapper=/home/homedir/.cisco/csd-wrapper.sh
gateway=
correctfqdn.somewhere.co.za
[vpn-secrets]
certsigs=1259D3EA3C5BE5C01D7BD4B5B51BCD7355A71A01
autoconnect=no
lasthost=
correctfqdn.somewhere.co.za [ipv4]
method=auto
---
Output errors
GUI output error: Necessary secrets for the VPN connection were not provided.
Log file:
---
Dec 10 14:11:35 my-laptop dbus-daemon[449]: dbus[449]: [system] Activating via systemd: service name='org.freedesktop.ModemManager1' unit='dbus-org.freedesktop.ModemManager1.service'
Dec 10 14:11:35 my-laptop dbus[449]: [system] Activating via systemd: service name='org.freedesktop.ModemManager1' unit='dbus-org.freedesktop.ModemManager1.service'
Dec 10 14:11:35 my-laptop dbus-daemon[449]: dbus[449]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.ModemManager1.service': Unit dbus-org.freedesktop.ModemManager1.service failed to load: No such file or directory.
Dec 10 14:11:35 my-laptop dbus[449]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.ModemManager1.service': Unit dbus-org.freedesktop.ModemManager1.service failed to load: No such file or directory.
Dec 10 14:12:01 my-laptop NetworkManager[441]: <info> Starting VPN service 'openconnect'...
Dec 10 14:12:01 my-laptop NetworkManager[441]: <info> VPN service 'openconnect' started (org.freedesktop.NetworkManager.openconnect), PID 3275
Dec 10 14:12:01 my-laptop kernel: tun: Universal TUN/TAP device driver, 1.6
Dec 10 14:12:01 my-laptop kernel: tun: (C) 1999-2004 Max Krasnyansky <
maxk qualcomm com>
Dec 10 14:12:01 my-laptop NetworkManager[441]: <info> VPN service 'openconnect' appeared; activating connections
Dec 10 14:12:22 my-laptop cstub[3596]: [libcsd][all][csd_init] hello
Dec 10 14:12:22 my-laptop cstub[3596]: [libcsd][all][csd_init] libcsd.so version 3.1.03104
Dec 10 14:12:22 my-laptop cstub[3596]: [libcsd][warn][l10n_update_file] failed to get localization file for en-us from peer (
https://correctfqdn.somewhere.co.za).
Dec 10 14:12:22 my-laptop cstub[3596]: [libcsd][warn][l10n_update_file] failed to get localization file for en from peer (
https://correctfqdn.somewhere.co.za).
Dec 10 14:12:22 my-laptop cscan[3610]: [cscan][all][init] hello
Dec 10 14:12:22 my-laptop cscan[3610]: [cscan][all][init] cscan version 3.1.03104
Dec 10 14:12:22 my-laptop cstub[3596]: [libcsd][all][new_connection_cb] *** new connection [2519710] from pid: [3610] ***
Dec 10 14:12:23 my-laptop cscan[3610]: [cscan][error][cfg_process] global config not found
Dec 10 14:12:23 my-laptop cscan[3610]: [cscan][warn][asa_opswat_license_is_valid] error getting license data from peer: (
https://correctfqdn.somewhere.co.za)
Dec 10 14:12:23 my-laptop cstub[3596]: [libcsd][all][csd_prelogin] libcsd prelogin returns 0.
Dec 10 14:12:25 my-laptop cscan[3610]: [cscan][error][restore_directory] no restore folder exists (/home/homedir/.mozilla/.backup/firefox)
Dec 10 14:12:25 my-laptop cscan[3610]: [cscan][error][restore_settings_firefox] unable to restore firefox (/home/homedir/.mozilla/firefox).
Dec 10 14:12:25 my-laptop cscan[3610]: [cscan][all][reset_connection_cb] *** reset connection [161b060] from pid: [3596] ***
Dec 10 14:12:52 my-laptop NetworkManager[441]: get_secret_flags: assertion 'is_secret_prop (setting, secret_name, error)' failed
Dec 10 14:12:52 my-laptop NetworkManager[441]: <error> [1386677572.711871] [nm-vpn-connection.c:1335] plugin_need_secrets_cb(): (ed432bd4-9078-493d-a9c3-fb7ac4199917/EgConnection) final secrets request failed to provide sufficient secrets
Dec 10 14:12:52 my-laptop NetworkManager[441]: <info> Policy set 'Mobile Via WiFi at work' (wlp3s0) as default for IPv4 routing and DNS.
Dec 10 14:12:53 my-laptop NetworkManager[441]: keyfile: updating /etc/NetworkManager/system-connections/EgConnection
Dec 10 14:12:57 my-laptop NetworkManager[441]: <info> VPN service 'openconnect' disappeared
---
Granted I'm connecting with openconnect cmd as root user and NetworkManager via my user account however I don't believe that's the issue.
