We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2019-12-11 18:44:21 +0200

Karry gravatar image

OpenConnect with second factor auth is not possible (SFOS 3.2.1)

Good progress with the VPN in 3.2.1. But it is still not usable with VPN server in my work office. We are using Cisco AnyConnect with second factor authentication. Moreover we have multiple authentication groups, it have to be specified also during authentication...

When I configure VPN profile and try to activate from UI, it starts openconnect process:

/usr/sbin/openconnect \
  --user myName \
  --passwd-on-stdin \
  --cafile someCert.pem \
  --protocol anyconnect \
  --syslog \
  --non-inter \
  --script /usr/lib/connman/scripts/vpn-script \
  --interface vpn0 \
  company.com

but it stucks waiting for group name and second password. Meanwhile UI signalise that it is still connecting... This state doesn't have timeout probably!

When I add --authgroup=required-group and remove --script (for some reason, vpn-script it ends with error code, but don't dig into it), execute openconnect as a root and insert my two passwords, vpn is established properly...

OpenConnect with second factor auth is not possible (SFOS 3.2.1)

Good progress with the VPN in 3.2.1. But it is still not usable with VPN server in my work office. We are using Cisco AnyConnect with second factor authentication. Moreover we have multiple authentication groups, it have to be specified also during authentication...

When I configure VPN profile and try to activate from UI, it starts openconnect process:

/usr/sbin/openconnect \
  --user myName \
  --passwd-on-stdin \
  --cafile someCert.pem \
  --protocol anyconnect \
  --syslog \
  --non-inter \
  --script /usr/lib/connman/scripts/vpn-script \
  --interface vpn0 \
  company.com

but it stucks waiting for group name and second password. Meanwhile UI signalise that it is still connecting... This state doesn't have timeout probably!

When I add --authgroup=required-group and remove --script (for some reason, vpn-script it ends with error code, in my experiment but I don't dig into it), this issue deeper), execute openconnect as a root and insert my two passwords, vpn is established properly...

click to hide/show revision 3
retagged

updated 2019-12-11 19:43:07 +0200

jovirkku gravatar image

OpenConnect with second factor auth is not possible (SFOS 3.2.1)

Good progress with the VPN in 3.2.1. But it is still not usable with VPN server in my work office. We are using Cisco AnyConnect with second factor authentication. Moreover we have multiple authentication groups, it have to be specified also during authentication...

When I configure VPN profile and try to activate from UI, it starts openconnect process:

/usr/sbin/openconnect \
  --user myName \
  --passwd-on-stdin \
  --cafile someCert.pem \
  --protocol anyconnect \
  --syslog \
  --non-inter \
  --script /usr/lib/connman/scripts/vpn-script \
  --interface vpn0 \
  company.com

but it stucks waiting for group name and second password. Meanwhile UI signalise that it is still connecting... This state doesn't have timeout probably!

When I add --authgroup=required-group and remove --script (for some reason, vpn-script ends with error code, in my experiment but I don't dig into this issue deeper), execute openconnect as a root and insert my two passwords, vpn is established properly...

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49