Active Topics
-
How many of you still use N900 as main phone? (595)
to Community by deutch1976 - 4 days, 8 hrs ago -
Big news (7)
to OS2008 / Maemo 4 / Chinook - Diablo by endsormeans - 5 days, 16 hrs ago -
Firefox with Leste (8)
to Maemo 7 / Leste by endsormeans - 5 days, 17 hrs ago - more...
|
2010-12-09
, 15:16
|
|
Posts: 323 |
Thanked: 180 times |
Joined on Oct 2009
@ Gent, Belgium
|
#52
|
just noticed something, the upgrade of the OpenConnect command itself can potentially also solve the request people have needing to use the UserGroup feature :
From http://www.infradead.org/openconnect.html
Just a thought for an quick-fix...
OpenConnect v2.20 — 2010-01-04
* Allow server to be specified with https:// URL, including port and pathname (which Cisco calls 'UserGroup')
Just a thought for an quick-fix...
|
|
2010-12-15
, 18:45
|
|
Posts: 90 |
Thanked: 44 times |
Joined on Aug 2010
|
#53
|
well, good ideas, but lorelei isn't working here anymore (it is a pitty, when you got someone making good software, he stops).
here is the howto on linux machines (but, as i am from germany, it is german)
but back to topic:
we ve got a vpn at our uni, which is using the anyconnect client on win7 and vista, so i thought openconnect should do the job.
but it isn't; so, what am i doing wrong?
also taking out the no-dtls command and/or the no-ipv6 didn't work.
thanks for every help!
Last edited by sirpaul; 2011-04-20 at 18:57.
here is the howto on linux machines (but, as i am from germany, it is german)
but back to topic:
we ve got a vpn at our uni, which is using the anyconnect client on win7 and vista, so i thought openconnect should do the job.
but it isn't; so, what am i doing wrong?
also taking out the no-dtls command and/or the no-ipv6 didn't work.
Code:
Nokia-N900:~# openconnect --authgroup=WLAN --user=myuser@uni-potsdam.de --passwd=mypass --disable-ipv6 --verbose --no-dtls wlanvpn.uni-potsdam.de Attempting to connect to wlanvpn.uni-potsdam.de SSL negotiation with wlanvpn.uni-potsdam.de Connected to HTTPS on wlanvpn.uni-potsdam.de GET wlanvpn.uni-potsdam.de/ Got HTTP response: HTTP/1.0 302 Object Moved Content-Type: text/html; charset=UTF-8 Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Keep-Alive Date: Fri, 05 Nov 2010 06:56:33 GMT Location: /+webvpn+/index.html Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure SSL negotiation with wlanvpn.uni-potsdam.de Connected to HTTPS on wlanvpn.uni-potsdam.de GET wlanvpn.uni-potsdam.de/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnlogin=1; secure X-Transcend-Version: 1 Fixed options give POST wlanvpn.uni-potsdam.de/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpn=; path=/; secure Set-Cookie: webvpnc=bu:/CACHE/stc/&p:t&iu:1/&sh:B551FD33CB3F3223E18C427CB8C5B9DE82B374BA&lu:/+CSCOT+/translation-table?textdomain%3DAnyConnect%26type%3Dmanifest; path=/; secure X-Transcend-Version: 1 Got CONNECT response: HTTP/1.1 200 OK X-CSTP-Version: 1 X-CSTP-Address: 141.89.47.249 X-CSTP-Netmask: 255.255.255.0 X-CSTP-DNS: 141.89.65.1 X-CSTP-NBNS: 141.89.64.56 X-CSTP-Lease-Duration: 86400 X-CSTP-Session-Timeout: 86400 X-CSTP-Idle-Timeout: 1800 X-CSTP-Disconnected-Timeout: 1800 X-CSTP-Default-Domain: wlan.rz.uni-potsdam.de X-CSTP-Keep: true X-CSTP-Homepage: http://www.uni-potsdam.de X-CSTP-DPD: 30 X-CSTP-Keepalive: 20 X-CSTP-Smartcard-Removal-Disconnect: true X-DTLS-Session-ID: E5E1DA7A8AAD06099E9C4C45572E182BAB8FCB92A7FA38155EFA506917418A07 X-DTLS-Port: 443 X-DTLS-Keepalive: 20 X-DTLS-DPD: 30 X-CSTP-MTU: 1406 X-DTLS-CipherSuite: AES128-SHA X-CSTP-Routing-Filtering-Ignore: false CSTP connected. DPD 30, Keepalive 20 Connected tun0 as 141.89.47.249, using SSL Did no work; sleeping for 20000 ms... Send CSTP Keepalive Did no work; sleeping for 10000 ms... Send CSTP DPD Did no work; sleeping for 15000 ms... Got CSTP DPD response Did no work; sleeping for 20000 ms... Send CSTP Keepalive Did no work; sleeping for 10000 ms... Send CSTP DPD Did no work; sleeping for 15000 ms... Got CSTP DPD response Did no work; sleeping for 20000 ms... ^CSend BYE packet: Client received SIGINT Nokia-N900:~#
Last edited by sirpaul; 2011-04-20 at 18:57.
|
|
2010-12-15
, 19:35
|
|
Posts: 479 |
Thanked: 641 times |
Joined on Dec 2007
@ Switzerland
|
#54
|
Originally Posted by sirpaul
Well, I'm not completely away...last few months I was more in lurking mode with no time to interact...
well, good ideas, but lorelei isn't working here anymore (it is a pitty, when you got someone making good software, he stops).
Honestly I don't know as of now if I will ever have the time to continue working on openconnect+gui, since I have concentrate myself more on Erminig (Google calendar sync). There are also other issues that I can't disclose for the moment, which will prevent me working efficiently on OpenConnect.
-lorelei
| The Following User Says Thank You to lorelei For This Useful Post: | ||
|
|
2010-12-15
, 21:09
|
|
Posts: 90 |
Thanked: 44 times |
Joined on Aug 2010
|
#55
|
Originally Posted by lorelei
ah, damn that wasn't the answer i was hoping for
Well, I'm not completely away...last few months I was more in lurking mode with no time to interact...
(but it is good, that the maemo community hasn't lost someone with skills)
it would probably take too much time updating the maemoversion?
(yes of course it would, but there is still a little hope)
|
|
2010-12-30
, 12:49
|
|
Posts: 479 |
Thanked: 641 times |
Joined on Dec 2007
@ Switzerland
|
#56
|
Originally Posted by purevpn
Possible, but I don't see the point, since:
i am using <spam URL removed> by pure USA vpn ip service this is secure and reliable i recommend this much better.........
1) I don't see any Maemo client
2) How does it solve the problem for those logging on corporate/academic network that have to use their VPN concentrators?
Is this some kind of advertisement for purevpn?
Last edited by sjgadsby; 2011-01-11 at 12:32. Reason: removing spam URL
|
|
2010-12-30
, 15:56
|
|
Posts: 90 |
Thanked: 44 times |
Joined on Aug 2010
|
#57
|
lol it has to be, just look at the name... what a damn bad try of advertising...
doesn't look very
if advertising in
a) wrong forum (its maemo, *****)
b) forums in general
doesn't look very
secure and reliable
a) wrong forum (its maemo, *****)
b) forums in general
|
|
2011-01-26
, 18:16
|
|
Posts: 323 |
Thanked: 180 times |
Joined on Oct 2009
@ Gent, Belgium
|
#58
|
can the source for openconnect-gui be shared ? I would like to modify it to include the extra fields/options and the full commandline as executed inb the debugwindow. i really would like to make this gui useful for me
tnx
tnx
| The Following User Says Thank You to Netweaver For This Useful Post: | ||
|
|
2011-01-26
, 18:20
|
|
Posts: 235 |
Thanked: 339 times |
Joined on Nov 2010
|
#59
|
|
|
2011-01-27
, 17:22
|
|
Posts: 323 |
Thanked: 180 times |
Joined on Oct 2009
@ Gent, Belgium
|
#60
|
thanks. My first attempt is attached (version 0.5-7)
Note that due to the way the arguments are parsed, only one extra option is possible.
this is my first coding effort in Maemo/scratchbox, it's no more then an intelligent cut-paste-change exercise for now. But the end-result sure helps me and might help other people as well.
I might try to port the latest version of openconnect (2.2x), apply the same kind of mods/logic as the maemo-fied 2.12 version. But that's something for later
Also, for the future, the GUI might need a rewrite in Qt Quick ... but that's still a (few) bridge(s) to far, one step at a time is good enough for me
I don't have a garage account yet and I've never submitted anything to the autobuilder so that's another hurdle to take.
Also, there's no need for me to fork this piece of work, I rather work together with Lorelei to get my patches into the original garage code.
Please test and see if it does what you want. Open to all suggestions/bug reports/requests.
Changelog :
openconnect-gui (0.5-7) unstable; urgency=low
* [ENHANCEMENT] added extra field ("free_option") in the profile for the openconnect command invocation, to allow adding new option such as --authgroup=GROUP
* [ENHANCEMENT] add by default the "--no-dtls" option due to bug in Nokia supplied openssl libs
* [BUGFIX] properly escaped the password field to allow all kind of characters
this is my first coding effort in Maemo/scratchbox, it's no more then an intelligent cut-paste-change exercise for now. But the end-result sure helps me and might help other people as well.
I might try to port the latest version of openconnect (2.2x), apply the same kind of mods/logic as the maemo-fied 2.12 version. But that's something for later
Also, for the future, the GUI might need a rewrite in Qt Quick ... but that's still a (few) bridge(s) to far, one step at a time is good enough for me
I don't have a garage account yet and I've never submitted anything to the autobuilder so that's another hurdle to take.
Also, there's no need for me to fork this piece of work, I rather work together with Lorelei to get my patches into the original garage code.
Please test and see if it does what you want. Open to all suggestions/bug reports/requests.
- on the OpenConnect GUI. When entering both userID and password and trying to connect to the created profile, it continuously say "no server specified".
Can you include (in the log window) also the complete Openconnect command invocation string to see what might be wrong? Easier in troubleshooting.
As a double check, when using the command line I can make a proper connection so I know my parameters are correct.
As requested before, can you also provide a custom input field for extra switches (as the --no-dtls)?
Which post-connection script is being used by default by the GUI ? I'm using the /etc/vpnc/vpnc-script in my command line string but I only have that file (I guess) because I also installed the vpnc package. Maybe the previous post also has to do with the proper setup (or absence) of the post-connect script?
On the command itself, is it possible to upgrade the version to 2.26, the currently supplied version 2.12 works but is already a year old, if you update the gui, make you can as well put the most recent version of the main code in as well.
Lots of thanks for the work so far, it opened up my access to the office network without laptop. I don't know if that's always such a great idea though
At least it give me choices now where to do what. And the possibility to do my labour claim straight on my N900, wherever I am, at a Friday noon ... yeah ! That will save me a few mails from my manager !!