Demo Forum Go back to the main website
No internet connection
  1. Home
  2. General

I can no longer work from home over VPN ?

By @Magnus
    2018-05-30 13:54:17.125Z

    I can no longer connect to our VPN server and work from home. Today the server suddenly asks me to run a 'Cisco Secure Desktop' trojan, and I've configured OpenConnect to do this (both via a GUI dialog, and the --csd-user command line option to openconnect), still I'm no longer able to get the VPN connection working.

    The VPN connection log ends with these four lines repeated over and over again:

    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    

    Do you have any idea about what's happening or how I can fix this?

    Would you guess that the problem is a VPN server side configuration change? The 'Cisco Secure Desctop' script perhaps? The VPN server has never asked me to run the 'Cisco Secure Desktop' script before, when I was able to connect. — Or do you think my OS has upgraded OpenConnect to a somehow incompatible version?

    "Refreshing .../sdesktop/wait.html", what's that, why? And +CSCOE+, sounds weird.

    My OS: Linux Mint 17. OpenConnect version v5.02. Other people are able to connect to the VPN server — they use Mac or Windows, not Linux, though.

    Here's the full OpenConnect log:

    POST https://vpn.server.com/
    Attempting to connect to server 111.222.333.444:443
    Using client certificate 'My-Full-Name'
    Adding supporting CA 'TC TrustCenter Class 2 L1 CA XI'
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Got HTTP response: HTTP/1.0 302 Object Moved
    GET https://vpn.server.com/
    Attempting to connect to server 111.222.333.444:443
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Got HTTP response: HTTP/1.0 302 Object Moved
    GET https://vpn.server.com/+webvpn+/index.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    GET https://vpn.server.com/CACHE/sdesktop/install/binaries/sfinst
    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    GET https://vpn.server.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.server.com
    Connected to HTTPS on vpn.server.com
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    (... continues forever)
    

    Edit With the -v (verbose) flag, openconnect keeps repeating these lines:

    $ openconnect -v -c cert.pem --csd-user=kajmagnus vpn.example.com
    ...
    GET https://vpn.example.com/+CSCOE+/sdesktop/wait.html
    SSL negotiation with vpn.example.com
    Connected to HTTPS on vpn.example.com
    Got HTTP response: HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Cache-Control: no-cache
    Pragma: no-cache
    Connection: Close
    Date: Thu, 06 Nov 2014 11:10:18 GMT
    HTTP body chunked (-2)
    Refreshing +CSCOE+/sdesktop/wait.html after 1 second...
    
    Solved in post #5, click to view
    • 36 replies

    There are 36 replies. Estimated reading time: 5 minutes

    1. A
      @achara
        2018-05-30 13:59:41.356Z

        Try wrapping the 'Cisco Secure Desktop' script in a shell script, via the --csd-wrapper option, like so:

        #!/bin/bash -x
        exec 2>&1 > /dev/null
        CSD_BINARY="$1"
        shift
        $CSD_BINARY "$@"
        

        You can read more here -- apparently there's something wrong about how OpenConnect calls the binary.

        1. M@Magnus
            2018-05-30 14:46:32.579Z

            Thanks! This didn't have any effect though.

          • T
            In reply toMagnus:
            Thamas Davis @thamas
              2018-05-30 14:07:44.134Z

              You could try adding --no-xmlpost. It makes OpenConnect behave more like older versions, maybe some compatibility issue.

              1. M@Magnus
                  2018-05-30 14:47:06.467Z

                  This didn't help. Thanks anyway

                  1. NNovica Jajcanin @Novica
                      2019-02-02 10:18:41.177Z

                      Nobody knkws this...

                      1. C@coolio312
                          2021-07-15 15:20:08.104Z

                          Interesting

                          1. C@coolio312
                              2021-07-15 15:20:23.228Z

                              How many levels

                          2. In reply toMagnus:
                            Ssdfhsjdfh @sdfjsdfn
                              2022-08-24 06:51:31.091Z

                              kdjsngjksndgjkdsnnsdklfn

                            • In reply tothamas:
                              GRobe tus @Gdjwjd
                                2020-05-02 20:47:07.598Z
                                1. K@KajMagnus
                                    2020-06-16 06:32:59.832Z

                                    Twitter tweet embeds will work soon, in 1 or 2 weeks (mostly just code review left now).

                                    1. KKhotso Mphale @KekkelApp
                                        2023-09-14 10:13:32.001Z

                                        Testing reply..Testing trply

                                  • Y
                                    In reply toMagnus:
                                    Ying Yue @ying
                                      2018-05-30 14:15:06.387Z

                                      Are you using the Cisco Secure Desktop trojan? You may need 32-bit libraries for it, if your OS is 64 bit. Here's how to add that: https://wiki.debian.org/FAQsFromDebianUser#Multiarch

                                      1. M@Magnus
                                          2018-05-30 14:47:28.615Z

                                          Apparently my OS already has that:

                                          $ dpkg --print-foreign-architectures
                                          i386
                                        • A
                                          In reply toMagnus:
                                          Arjana Mwanaj @arjana
                                            2018-05-30 14:22:53.787Z2018-05-31 06:49:08.051Z

                                            The VPN server no longer supports Linux. You can run Windows in a virtual machine, and login and work from home, in the VM. Here're our Windows installers: //nfs02/os/win11/iso/

                                            Reply7 LikesSolution
                                            1. M@Magnus
                                                2018-05-30 14:49:18.170Z

                                                Thanks, this works. I've logged in via Windows in a VM and I'm working from home again now. But why isn't Linux supported any longer?

                                                1. AArjana Mwanaj @arjana
                                                    2018-05-30 14:51:55.876Z

                                                    Company wide policy. Only Windows and Mac allowed in the future, someone has decided that the company cannot support other OSes for security reasons

                                                    1. QLafif Astahdziq @qutek
                                                        2020-03-28 07:39:05.635Z

                                                        tes

                                                      • In reply toMagnus:
                                                        EIsmail Adegbenga @euler
                                                          2020-11-19 21:08:12.559Z

                                                          Hello Magnus

                                                        • In reply toarjana:
                                                          TThimira Thenuwara @thimiramt
                                                            2020-04-11 18:57:05.914Z

                                                            test comment

                                                          • F
                                                            In reply toMagnus:
                                                            @fatboyfoy
                                                              2020-12-06 22:50:47.512Z
                                                              1. D
                                                                In reply toMagnus:
                                                                ABC @darshana
                                                                  2021-01-31 11:34:59.367Z

                                                                  සිම්හල

                                                                  1. P
                                                                    In reply toMagnus:
                                                                    Papa Dam @papadam
                                                                      2021-03-21 16:27:14.907Z

                                                                      Ding dong, the witch is dead.

                                                                      1. T2
                                                                        In reply toMagnus:
                                                                        ttt @ttt
                                                                          2021-03-28 19:24:24.862Z

                                                                          Comment test :

                                                                          1. T2ttt @ttt
                                                                              2021-03-28 19:24:38.996Z

                                                                              reply on reply !

                                                                            • J
                                                                              In reply toMagnus:
                                                                              Juan Ma @juanmagr
                                                                                2021-09-23 12:32:32.524Z

                                                                                Test

                                                                                1. E2
                                                                                  In reply toMagnus:
                                                                                  @enjutomojamuto
                                                                                    2021-10-01 15:11:04.843Z

                                                                                    This is an example:

                                                                                    1. F
                                                                                      In reply toMagnus:
                                                                                      五块三 @Five
                                                                                        2022-05-09 05:47:15.792Z

                                                                                        53

                                                                                        1. F五块三 @Five
                                                                                            2022-05-09 05:47:27.327Z

                                                                                            22

                                                                                          • S
                                                                                            In reply toMagnus:
                                                                                            sdfhsjdfh @sdfjsdfn
                                                                                              2022-08-23 03:24:50.033Z

                                                                                              .dfjglkdfjg
                                                                                              sflskdlf

                                                                                              1. N
                                                                                                In reply toMagnus:
                                                                                                Nikhil Rayaprolu @nikhil684
                                                                                                  2022-11-11 12:56:49.712Z

                                                                                                  testing this

                                                                                                  1. N
                                                                                                    In reply toMagnus:
                                                                                                    Nikhil Rayaprolu @nikhil684
                                                                                                      2022-11-11 12:57:16.908Z

                                                                                                      again

                                                                                                      1. T
                                                                                                        In reply toMagnus:
                                                                                                        Tarcisio Naves @Tarcisio
                                                                                                          2022-12-13 19:32:00.116Z

                                                                                                          teste

                                                                                                          1. D2
                                                                                                            In reply toMagnus:
                                                                                                            Sem Spiri @doomstar
                                                                                                              2023-05-31 10:00:41.512Z

                                                                                                              I logged in with google, but had to refresh the page because it was showing me the error about unable to load editor. I didn't make a screenshot though

                                                                                                              1. D2
                                                                                                                In reply toMagnus:
                                                                                                                Sem Spiri @doomstar
                                                                                                                  2023-05-31 10:01:10.191Z
                                                                                                                  testing screenshot capability
                                                                                                                  1. D2Sem Spiri @doomstar
                                                                                                                      2023-05-31 10:01:34.132Z

                                                                                                                      lol

                                                                                                                    • B
                                                                                                                      In reply toMagnus:
                                                                                                                      testing @brendanc
                                                                                                                        2023-06-22 17:52:36.328Z
                                                                                                                        1. Progress
                                                                                                                        2. K@KajMagnuspinned this topic 2020-01-13 20:13:43.373Z.
                                                                                                                        3. K@KajMagnusunpinned this topic 2023-12-16 12:17:56.567Z.