You are not logged in.
My openconnect config is behind haproxy and uses different backend per sni and for security reasons I don't want to place a default backend, therefore browsing https://[OPENCONNECT_IP] gives 503 which is OK.
I can use my openconnect via terminal using this command:
sudo openconnect OPENCONNECT_DOMAINBut using openconnect-networkmanager I enter my username and password (therefore I'm sure it uses domain before authentication, otherwise it couldn't reach my openconnect server and asks for credentials), and then gnome notifies
Activation of network connection failed.
Here is some logs from journalctl if it's useful:
Nov 22 18:44:22 hostname audit[955]: USYS_CONFIG pid=955 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=5caab5be-bc82-4c2a-a652-acc3ae455b10 name="VPN Profile" pid=1258 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
Nov 22 18:44:22 hostname kernel: audit: type=1111 audit(1574435662.047:137): pid=955 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=5caab5be-bc82-4c2a-a652-acc3ae455b10 name="VPN Profile" pid=1258 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
Nov 22 18:44:22 hostname NetworkManager[955]: <info> [1574435662.0522] audit: op="connection-activate" uuid="5caab5be-bc82-4c2a-a652-acc3ae455b10" name="VPN Profile" pid=1258 uid=1000 result="success"
Nov 22 18:44:22 hostname NetworkManager[955]: <info> [1574435662.0593] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: Started the VPN service, PID 2670
Nov 22 18:44:22 hostname NetworkManager[955]: <info> [1574435662.0775] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: Saw the service appear; activating connection
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.5006] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN connection: (ConnectInteractive) reply received
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.5043] manager: (vpn0): new Tun device (/org/freedesktop/NetworkManager/Devices/10)
Nov 22 18:44:25 hostname systemd-udevd[2684]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.5107] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN plugin: state changed: starting (3)
Nov 22 18:44:25 hostname openconnect[2683]: Connected to OPENCONNECT_IP:443
Nov 22 18:44:25 hostname openconnect[2683]: SSL negotiation with OPENCONNECT_IP
Nov 22 18:44:25 hostname openconnect[2683]: SSL connection failure: The TLS connection was non-properly terminated.
Nov 22 18:44:25 hostname NetworkManager[955]: Creating SSL connection failed
Nov 22 18:44:25 hostname gnome-shell[1258]: Removing a network device that was not added
Nov 22 18:44:25 hostname NetworkManager[955]: <warn> [1574435665.6135] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN plugin: failed: connect-failed (1)
Nov 22 18:44:25 hostname NetworkManager[955]: <warn> [1574435665.6136] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN plugin: failed: connect-failed (1)
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.6137] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN plugin: state changed: stopping (5)
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.6137] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN plugin: state changed: stopped (6)
Nov 22 18:44:25 hostname NetworkManager[955]: <info> [1574435665.6183] vpn-connection[0xdee21b6c780,5caab5be-bc82-4c2a-a652-acc3ae455b10,"VPN Profile",0]: VPN service disappearedLast edited by aminvakil (2019-11-22 15:17:59)
Offline
It uses IP address, indeed. There is a way to change its behaviour but requires code change. See https://gitlab.gnome.org/GNOME/NetworkM … /issues/17 for details.
Offline