#1 2023-12-04 11:16:00

joanmanel
Member
Registered: 2012-11-06
Posts: 234

cannot connect to vpn using openconnect as root or non-root

Hi there,

I am trying to connect to my university VPN with the following command (please note I have changed the VPN address just for this demo). The VPN uses double authentication, and it should open the browser where I can log in. But the browser never opens, and I get the following error:

[juanma@housepc ~]$ sudo openconnect cent.vpn.ac.uk --config=.config/openconnect/config --useragent=AnyConnect
POST https://cent.vpn.ac.uk/
Connected to 130.111.11.111:443
SSL negotiation with cent.vpn.ac.uk
Connected to HTTPS on cent.vpn.ac.uk with ciphersuite (TLS1.2)-(ECDHE-X25519)-(RSA-SHA256)-(AES-256-GCM)
XML POST enabled
Please complete the authentication process in the browser window.
[4010:4010:1204/111120.083115:ERROR:zygote_host_impl_linux.cc(100)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.

When I try without sudo, it does open the browser, and I can log in, and then the browser says "You have successfully authenticated. You may now close this browser tab.", but the VPN in the terminal fails, and I cannot connect to it:

[juanma@housepc ~]$ openconnect cent.vpn.ac.uk --config=.config/openconnect/config --useragent=AnyConnect
POST https://cent.vpn.ac.uk/
Connected to 130.111.11.111:443
SSL negotiation with cent.vpn.ac.uk
Connected to HTTPS on cent.vpn.ac.uk with ciphersuite (TLS1.2)-(ECDHE-X25519)-(RSA-SHA256)-(AES-256-GCM)
XML POST enabled
Please complete the authentication process in the browser window.
POST https://cent.vpn.ac.uk/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM).
Configured as 130.111.111.111, with SSL connected and DTLS connected
Session authentication will expire at Mon Dec 18 11:14:03 2023

mkdir: cannot create directory ‘/var/run/vpnc’: Permission denied
Failed to bind local tun device (TUNSETIFF): Operation not permitted
To configure local networking, openconnect must be running as root
See https://www.infradead.org/openconnect/nonroot.html for more information
Set up tun device failed
Send BYE packet: Set up tun device failed
Unrecoverable I/O error; exiting.
[juanma@housepc ~]$ 
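
The two failures above come from one process needing both a browser (which Chromium refuses to start as root) and a tun device (which needs root). The following is an added example, not part of the original post: it splits the login into an unprivileged browser stage and a root tunnel stage using openconnect's `--authenticate` and `--cookie-on-stdin` options. It assumes the installed openconnect prints `COOKIE`, `CONNECT_URL`, `FINGERPRINT` and `RESOLVE` lines from `--authenticate` and that the server accepts the cookie in a second invocation; the function names and sample values are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): browser login as the normal
# user, tunnel setup as root. Host and options are the ones shown in the post.
VPN_HOST="cent.vpn.ac.uk"
OC_OPTS="--config=.config/openconnect/config --useragent=AnyConnect"

# get_field KEY: read `openconnect --authenticate` output on stdin and print
# the first value of KEY, minus optional surrounding single quotes. Parsing
# (rather than eval) means server-influenced text is never executed.
get_field() {
    sed -n "s/^$1=//p" | sed -n '1p' | sed "s/^'\(.*\)'\$/\1/"
}

# root_args AUTH_OUTPUT: print the arguments for the privileged stage.
# The cookie is left out on purpose: it is passed on stdin, not in argv,
# so it is not visible in the process list.
root_args() {
    url=$(printf '%s\n' "$1" | get_field CONNECT_URL)
    pin=$(printf '%s\n' "$1" | get_field FINGERPRINT)
    res=$(printf '%s\n' "$1" | get_field RESOLVE)
    [ -n "$url" ] && [ -n "$pin" ] || return 1   # refuse to connect unpinned
    printf '%s\n' "--cookie-on-stdin $OC_OPTS --servercert $pin${res:+ --resolve $res} $url"
}

vpn_connect() {
    # Stage 1, unprivileged: the browser opens here; no tun device is needed.
    auth=$(openconnect --authenticate $OC_OPTS "$VPN_HOST") || return 1
    cookie=$(printf '%s\n' "$auth" | get_field COOKIE)
    args=$(root_args "$auth") || return 1
    [ -n "$cookie" ] || return 1
    # Stage 2, root: only the tunnel; no browser is started under sudo.
    printf '%s\n' "$cookie" | sudo openconnect $args
}

# Constructed sample of --authenticate output (values are made up).
SAMPLE="COOKIE='CONSTRUCTED-COOKIE-0001'
HOST='130.111.11.111'
CONNECT_URL='https://cent.vpn.ac.uk/'
FINGERPRINT='pin-sha256:CONSTRUCTEDPIN='
RESOLVE='cent.vpn.ac.uk:130.111.11.111'"

# Run the real two-stage login only when asked: sh vpn.sh connect
if [ "${1:-}" = "connect" ]; then vpn_connect; fi
```

Run from the home directory so the relative `--config` path resolves the same way in both stages.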
