You are not logged in.
- Topics: Active | Unanswered
#1 2016-11-18 10:01:27
- amuttsch
- Member
- Registered: 2016-08-15
- Posts: 6
VPN connection works, HTTPS connections don't
Hello,
when I connect to my VPN (openconnect as well as openvpn) I can access http websites, but not their https version.
curl fails with the following error:
▶ curl -v https://www.google.com
* Rebuilt URL to: https://www.google.com/
* Trying 194.122.81.52...
* TCP_NODELAY set
* Connected to www.google.com (194.122.81.52) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to www.google.com:443
* Curl_http_done: called premature == 1
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to www.google.com:443 After disconnecting from the VPN the connection works just fine. Using the vpn with my Android phone I am able to access https sites without a problem, so I guess the probles lies on the client side.
What can be the reason for this issue? If you need any additional information, just ask.
Thanks!
Offline
#2 2016-11-18 19:42:36
- brebs
- Member
- Registered: 2007-04-03
- Posts: 3,742
Re: VPN connection works, HTTPS connections don't
I would suspect that the VPN is also acting as a web proxy, and requiring the (insecure) SSL3.
SSL3 is disabled in Arch's openssl by "no-ssl3-method".
Offline
#3 2016-11-19 14:56:59
- amuttsch
- Member
- Registered: 2016-08-15
- Posts: 6
Re: VPN connection works, HTTPS connections don't
I just got the openconnect VPN working. Apparently DTLS is causing the issue. Starting the vpn with the
--no-dtlsoption works. Does anyone have an idea why dtls is causing issues?
openvpn works after a system update again, too.
Offline