Kaj*_*nus 9 networking linux vpn
过去,我可以连接到某个 Cisco VPN 服务器。我已经离开旅行 7 周了,现在我回家了,但无法再连接到 VPN 服务器。今天服务器突然要求我运行“思科安全桌面”木马,我已经配置了 OpenConnect 来执行此操作(通过 GUI 对话框和--csd-user命令行选项openconnect),但我仍然无法获得VPN 连接工作。
VPN 连接日志以这四行一遍又一遍地重复结束:
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
你知道发生了什么或者我如何解决这个问题吗?
您是否猜到问题是 VPN 服务器端配置更改?可能是“Cisco Secure Desctop”脚本?在我能够连接之前,VPN 服务器从未要求我运行“Cisco Secure Desktop”脚本。— 或者您是否认为我的操作系统已将 OpenConnect 升级到某种不兼容的版本?
"Refreshing .../sdesktop/wait.html",那是什么,为什么?而+CSCOE+,听起来很奇怪。
我的操作系统:Linux Mint 17。OpenConnect 版本 v5.02。其他人可以连接到 VPN 服务器——不过,他们使用的是 Mac 或 Windows,而不是 Linux。
这是完整的 OpenConnect 日志:
POST https://vpn.server.com/
Attempting to connect to server 111.222.333.444:443
Using client certificate 'My-Full-Name'
Adding supporting CA 'TC TrustCenter Class 2 L1 CA XI'
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Got HTTP response: HTTP/1.0 302 Object Moved
GET https://vpn.server.com/
Attempting to connect to server 111.222.333.444:443
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Got HTTP response: HTTP/1.0 302 Object Moved
GET https://vpn.server.com/+webvpn+/index.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
GET https://vpn.server.com/CACHE/sdesktop/install/binaries/sfinst
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.server.com
Connected to HTTPS on vpn.server.com
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
(... continues forever)
我在这里读到我可以通过--csd-wrapper选项将“Cisco Secure Desktop”脚本包装在 shell 脚本中;建议的脚本如下所示:
#!/bin/bash -x
exec 2>&1 > /dev/null
CSD_BINARY="$1"
shift
$CSD_BINARY "$@"
不过这没有任何影响。
我还测试了--no-xmlpost标志,如建议here,没有效果。
有人建议安装 32 位支持,但显然我的操作系统已经有了:
$ dpkg --print-foreign-architectures
i386
这是遇到同样问题的其他人。这是一个 ServerFault 问题,但它显然在 ServerFault 中被删除了,我猜是在那边的题外话。这个问题没有答案。
使用-v(详细)标志编辑,openconnect不断重复这些行:
$ openconnect -v -c cert.pem --csd-user=kajmagnus vpn.example.com
...
GET https://vpn.example.com/+CSCOE+/sdesktop/wait.html
SSL negotiation with vpn.example.com
Connected to HTTPS on vpn.example.com
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Close
Date: Thu, 06 Nov 2014 11:10:18 GMT
HTTP body chunked (-2)
Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
| 归档时间: |
|
| 查看次数: |
8497 次 |
| 最近记录: |