Open Connect Server Configuration (Working for iOS)
Working for iOS only, but for OSX, (Cisco AnyConnect Client for OS X 3.1.05160), captive portal is detected. ‘Web Authentication Required’ and error log like
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: compareEKUs File: ../../vpn/CommonCrypt/Certificates/VerifyExtKeyUsage.cpp Line: 330 EKU not found in certificate: 1.3.6.1.5.5.7.3.2 Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: Verify File: ../../vpn/CommonCrypt/Certificates/VerifyExtKeyUsage.cpp Line: 100 Extended key usage verification failed Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: VerifyExtKeyUsage File: ../../vpn/CommonCrypt/Certificates/OpenSSLCertUtils.cpp Line: 1163 Invoked Function: CVerifyExtKeyUsage::Verify Return Code: -31391722 (0xFE210016) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate did not contain the required Extended Key Usages Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: VerifyExtKeyUsage File: ../../vpn/CommonCrypt/Certificates/OpenSSLCertificate.cpp Line: 2164 Invoked Function: COpenSSLCertUtils::VerifyExtKeyUsage Return Code: -31391722 (0xFE210016) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate did not contain the required Extended Key Usages Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: getCertList File: ../../vpn/Api/ApiCert.cpp Line: 324 Number of certificates found: 3 Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: setConnectionData File: ../../vpn/Api/ConnectMgr.cpp Line: 1871 Certificate retrieved from preferences: Subject Name: CN=com.apple.idms.appleid.prd.41665a636f64723171575536774a574464536a697a513d3d Issuer Name : C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Application Integration Certification Authority Store : Mac Keychain User Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Message type information sent to the user: Contacting vpn.sskaje.me:443. Apr 17 14:49:31 sskajetekiMacBook-Pro.local acvpnui[29001]: Initiating VPN connection to the secure gateway https://vpn.sskaje.me:443 Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: TestNetEnv File: ../../vpn/Agent/NetEnvironment.cpp Line: 370 Captive portal detected. Retesting connectivity to the secure gateway in 10 seconds. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Using default preferences. Some settings (e.g. certificate matching) may not function as expected if a local profile is expected to be used. Verify that the selected host is in the server list section of the profile and that the profile is configured on the secure gateway. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: processConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 11572 Received connect notification (host vpn.sskaje.me:443, profile N/A) Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: respondToConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 4813 The requested VPN connection to vpn.sskaje.me:443 is not possible at this time (Captive Portal needs to be remediated). Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Message type warning sent to the user: Connection attempt has failed. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 2641 Content type (unknown) received. Response type (Captive Portal detected) from openconnect.sskaje.me: Captive Portal detected Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: showConnectError File: ../../vpn/Api/ConnectMgr.cpp Line: 5511 Attempt to connect failed when Agent detected a network issue. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Message type error sent to the user: The service provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: connect File: ../../vpn/Api/ConnectMgr.cpp Line: 2053 ConnectMgr::processIfcData failed Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: initiateConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 1181 Connection failed. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: VPN state: Disconnected Network state: Web Authentication Required Network control state: Network Access: Available Network type: Undefined Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: OnIpcMessageReceivedAtDepot File: ../../vpn/Agent/MainThread.cpp Line: 4234 Received connect failure notification (host vpn.sskaje.me:443, profile N/A) Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnui[29001]: Function: run File: ../../vpn/Api/ConnectMgr.cpp Line: 674 Invoked Function: ConnectMgr::initiateConnect Return Code: -29622263 (0xFE3C0009) Description: CONNECTMGR_ERROR_UNEXPECTED Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: GetPrimaryInterfaceIndex File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 422 Unable to get global IPv6 information from system configuration. Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: determinePublicAddrCandidateFromDefRoute File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 1769 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Apr 17 14:49:32 sskajetekiMacBook-Pro.local acvpnagent[89]: Function: updatePotentialPublicAddresses File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 1914 Invoked Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED |
OpenConnect on Ubuntu Generate Certificate with GnuTLS and Sign with OpenSSL Incoming search terms:ROUTETABLE_ERROR_GETBESTROUTE_FAILEDNo valid certificates available for authentication192 168 1 99;29001no valid certificates available for authentication 設定ANyConnect No … Continue reading “Open Connect Server Configuration (Working for iOS)”