David Woodhouse
David Woodhouse
Building with `--disable-digestsign` seems to fix it
I'd recommend using vpnc-script. It handles IP and DNS configuration on a whole bunch of operating systems including Mac OS, Solaris, *BSD, various Linux setups. Just set the appropriate environment...
Most Linux distributions ship it already; we moved it out of the vpnc package itself so it could be a dependency for openconnect too. Even NetworkManager has a tool which...
Start by capturing the traffic on the wire; it's actually possible that it's in the DTLS handshake (with PSK) instead of inside it.
It will be in the upcoming 9.00 release. For now you have to build from git (http://www.infradead.org/openconnect/building.html) or use the bleeding-edge builds from https://copr.fedorainfracloud.org/coprs/dwmw2/openconnect/ for Fedora/RHEL/Windows.
Don't use the ppp_protocols branch; it's all merged to master now.
We should probably take this to https://gitlab.com/openconnect/openconnect/-/merge_requests/169 rather than continuing an OpenConnect discussion here? The master branch is at commit 0cfdb7b871fd04c7a500001d2d0961779adf0ed5 which definitely includes Fortinet support, having merged the ppp_protocols...
@zez3 did you get it working?
I've set up a test Fortigate VM and played with IPv6. It does still seem to be true (this is FortiOS 7.0.0) that you the server will only give you...
Yes, that will work. It doesn't have much to do with the VPN client or the server. Just set up DNS to point to an IPv6 address which is doing...