I'm the administrator of Cisco ASA5510 so I would be able to help debugging if needed. :-)
Great! Some more testing is always welcome! I will post an update in this thread when a new version is available.
Planned features for next version:
- support for groups
- cleanup of how the passwords are passed to the underlying openconnect process.
- make the log window thumbs-pannable (at the moment it's only scrollable with the scrollbar).
In any case, I strongly encourage you to report bugs/RFEs to bugs.maemo.org, in the OpenConnect category!
In the present version it's not possible to add the group setting. I did not include it, since I didn't need it, but I will gladly add this option in the next release (shouldn't be that far away, and it's a straightforward addition).
What I want to point out however, is that vpnc and openconnect are not interchangeable!
vpnc works with the the Cisco VPN concentrator 3000 Series, Cisco PIX appliances and Juniper/Netscreen, by using IKE/IPSEC
openconnect works with other Cisco concentrators (see the top post of this thread), and uses SSL.
as soon as i figure out which one i need i'll be happy - hehe
as soon as i figure out which one i need i'll be happy - hehe
Two possible ways to determine that (short of asking the sysadmin):
if your official VPN client is "Cisco Anyconnect", then OpenConnect should do the trick.
If your official VPN client is "Cisco VPN Client" (if I'm not mistaken), then vpnc should be used.
Another way (less effective): if you can open https://your-vpn-server
with a browser, there's a high probability that OpenConnect is the one you need. (please note the s in https!)
- support for groups
- cleanup of how the passwords are passed to the underlying openconnect process.
- make the log window thumbs-pannable (at the moment it's only scrollable with the scrollbar).
In any case, I strongly encourage you to report bugs/RFEs to bugs.maemo.org, in the OpenConnect category!
There are two kinds of 'groups'. There's the 'UserGroup' which ends up as part of the URL (http://vpn.server.org/usergroup/), and then there's the group selection which can be presented as part of the XML form when the user tries to log in.
I would recommend that you use the guts of the NetworkManager auth-dialog tool which is part of openconnect. That will do all the authentication for you, handling all the forms, and then it will just output the resulting HTTP cookie which is what lets you make the connection. We pass that to openconnect with the --cookie-on-stdin option.
Two possible ways to determine that (short of asking the sysadmin):
if your official VPN client is "Cisco Anyconnect", then OpenConnect should do the trick.
If your official VPN client is "Cisco VPN Client" (if I'm not mistaken), then vpnc should be used.
Another way (less effective): if you can open https://your-vpn-server
with a browser, there's a high probability that OpenConnect is the one you need. (please note the s in https!)
Ahaaa you sir are a genius! And a gentleman
Vpnc and wpnc gui worked a treat! - superb! - but sorry i can't test your app!
Doesn't seem to work with ASA Anyconnect client-based VPN?
The GUI says I'm connected but just sits there with 'POST'
Note this isn't a clientless SSL VPN where you just have access to certain office functions via a web interface, the solution is a full SSL VPN via the downloadable Anyconnect client.
Not the ASA administrator but have worked with them before and would be keen to help debug if necessary...
Doesn't seem to work with ASA Anyconnect client-based VPN?
The GUI says I'm connected but just sits there with 'POST'
Can you check whether it works with openconnect from the command line (perhaps on another Linux box), and if not send a bug report to the openconnect mailing list.
And a gentleman