You are not logged in.

#1 2016-11-18 10:01:27

amuttsch
Member
Registered: 2016-08-15
Posts: 6

VPN connection works, HTTPS connections don't

Hello,

when I connect to my VPN (openconnect as well as openvpn) I can access http websites, but not their https version.

curl fails with the following error:

▶ curl -v https://www.google.com
* Rebuilt URL to: https://www.google.com/
*   Trying 194.122.81.52...
* TCP_NODELAY set
* Connected to www.google.com (194.122.81.52) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to www.google.com:443 
* Curl_http_done: called premature == 1
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to www.google.com:443 

After disconnecting from the VPN the connection works just fine. Using the vpn with my Android phone I am able to access https sites without a problem, so I guess the probles lies on the client side.

What can be the reason for this issue? If you need any additional information, just ask.

Thanks!

Offline

#2 2016-11-18 19:42:36

brebs
Member
Registered: 2007-04-03
Posts: 3,742

Re: VPN connection works, HTTPS connections don't

I would suspect that the VPN is also acting as a web proxy, and requiring the (insecure) SSL3.

SSL3 is disabled in Arch's openssl by "no-ssl3-method".

Offline

#3 2016-11-19 14:56:59

amuttsch
Member
Registered: 2016-08-15
Posts: 6

Re: VPN connection works, HTTPS connections don't

I just got the openconnect VPN working. Apparently DTLS is causing the issue. Starting the vpn with the

--no-dtls

option works. Does anyone have an idea why dtls is causing issues?

openvpn works after a system update again, too.

Offline

Board footer

Powered by FluxBB