ā11-13-2017 08:14 AM - edited ā03-12-2019 04:44 AM
I am trying to connect to a VPN using anyconnect 4.5 on Ubuntu 16.04. I am able to connect to the VPN using the android app and other people are able to connect so I think the issue must be on my machine rather than server side. I get the below errors is syslog. Has anyone come across these before/
Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: SendRequest File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 1500 Invoked Function: curl_easy_perform Return Code: -30015438 (0xFE360032) Description: CTRANSPORT_ERROR_HTTP_RETURNED_ERROR:The HTTP server returned an error code (>= 400) HTTP status code received 404 Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: sendRequest File: ../../vpn/Api/ConnectIfc.cpp Line: 3235 Invoked Function: CTransport::SendRequest Return Code: -30015438 (0xFE360032) Description: CTRANSPORT_ERROR_HTTP_RETURNED_ERROR:The HTTP server returned an error code (>= 400) Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: connect File: ../../vpn/Api/ConnectIfc.cpp Line: 486 Invoked Function: ConnectIfc::sendRequest Return Code: -30015438 (0xFE360032) Description: CTRANSPORT_ERROR_HTTP_RETURNED_ERROR:The HTTP server returned an error code (>= 400) Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: doConnectIfcConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 2150 Invoked Function: ConnectIfc::connect Return Code: -30015438 (0xFE360032) Description: CTRANSPORT_ERROR_HTTP_RETURNED_ERROR:The HTTP server returned an error code (>= 400) Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Message type warning sent to the user: Connection attempt has failed. Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 2839 Content type (unknown) received. Response type (failed) from 83.218.15.54: Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 2977 Invoked Function: ConnectMgr::processIfcData Return Code: -30015438 (0xFE360032) Description: CTRANSPORT_ERROR_HTTP_RETURNED_ERROR:The HTTP server returned an error code (>= 400) Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: connect File: ../../vpn/Api/ConnectMgr.cpp Line: 2237 ConnectMgr::processIfcData failed Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: initiateConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 1257 Connection failed. Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: VPN state: Disconnected Network state: Network Accessible Network control state: Network Access: Available Network type: Undefined Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: run File: ../../vpn/Api/ConnectMgr.cpp Line: 720 Invoked Function: ConnectMgr::initiateConnect Return Code: -29622263 (0xFE3C0009) Description: CONNECTMGR_ERROR_UNEXPECTED Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpncli[16241]: Function: signalGetNextCommand File: ../../vpn/CLI/callbacks.cpp Line: 838 Attempting to access NULL pointer Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpnagent[2500]: Function: OnIpcMessageReceivedAtDepot File: ../../vpn/Agent/MainThread.cpp Line: 4730 Received connect failure notification (host 83.218.15.54, profile N/A) Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpnagent[2500]: Function: determinePublicAddrCandidateFromDefRoute File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 2103 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED IPv6 Nov 13 16:08:51 phil-HP-EliteDesk-800-G3-SFF acvpnagent[2500]: Function: updatePotentialPublicAddresses File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 2245 Invoked Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED IPv6
ā11-13-2017 02:38 PM
Hi @pmbrady
This log does not say too much unfortunatelly.
I recommend you to install some different client for linux just to make sure:
sudo apt-get install vpnc or sudo apt-get install OpenConnect.
Maybe you have some job to do with repository.
-If I helped you somehow, please, rate it as useful.-
-If I helped you somehow, please, rate it as useful.-
ā11-14-2017 02:50 AM
I think I've found the issue but I am pretty sure I am using the latest version of AnyConnect (4.5.02036)
openconnect xxx.xxx.xxx.xxx POST https://xxx.xxx.xxx.xxx/ Attempting to connect to server xxx.xxx.xxx.xxx:443 SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Certificate from VPN server "xxx.xxx.xxx.xxx" failed verification. Reason: signer not found Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.1 404 Not Found Unexpected 404 result from server GET https://xxx.xxx.xxx.xxx/ Attempting to connect to server xxx.xxx.xxx.xxx:443 SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.0 302 Object Moved GET https://xxx.xxx.xxx.xxx/+webvpn+/index.html SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.1 301 Moved Permanently GET https://xxx.xxx.xxx.xxx/+CSCOU+/anyconnect_unsupported_version.html Please upgrade your AnyConnect Client Failed to obtain WebVPN cookie
ā11-14-2017 02:57 AM
I think I have found the problem but I am already using the latest version (4.5.02036)
openconnect xxx.xxx.xxx.xxx POST https://xxx.xxx.xxx.xxx/ Attempting to connect to server xxx.xxx.xxx.xxx:443 SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Certificate from VPN server "xxx.xxx.xxx.xxx" failed verification. Reason: signer not found Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.1 404 Not Found Unexpected 404 result from server GET https://xxx.xxx.xxx.xxx/ Attempting to connect to server xxx.xxx.xxx.xxx:443 SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.0 302 Object Moved GET https://xxx.xxx.xxx.xxx/+webvpn+/index.html SSL negotiation with xxx.xxx.xxx.xxx Server certificate verify failed: signer not found Connected to HTTPS on xxx.xxx.xxx.xxx Got HTTP response: HTTP/1.1 301 Moved Permanently GET https://xxx.xxx.xxx.xxx/+CSCOU+/anyconnect_unsupported_version.html Please upgrade your AnyConnect Client Failed to obtain WebVPN cookie
ā11-20-2017 02:08 AM
I managed to fix this by passing --os=win
'echo $(sudo cat /home/phil/Documents/passwd) | sudo openconnect --user xxx --csd-user xxx --csd-wrapper ~/.cisco/csd-wrapper.sh xx.xx.xx.xx
--no-cert-check --authgroup=xxx --os=win --passwd-on-stdin --no-dtls'
My problem is now that when I am connected to the VPN I have no internet access.
Is there a way to exclude a program from the VPN? For example, chrome will use my normal connection but terminal will use the VPN connection?
ā12-13-2018 08:27 AM - edited ā12-13-2018 08:28 AM
Regarding your question about using different apps... I am not sure how you would do that using a simple configuration on your client but I know that in the past I have done this by setting up a light proxy that runs on another system on my home network, and I just configure the browser to go through that proxy. That is a bit of an extra step though...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide