GlobalProtect-openconnect icon indicating copy to clipboard operation
GlobalProtect-openconnect copied to clipboard

Published 20 hours ago verified publisher icon yuezk

stuck on "connecting..."

Open murilera opened this issue 2 years ago • 10 comments

log messages (I deleted the credentials):

2022-06-20 15:47:57.890 INFO  [6346] [SAMLLoginWindow::checkSamlResult@80] Checking the authentication result...
2022-06-20 15:47:57.890 INFO  [6346] [SAMLLoginWindow::checkSamlResult@97] Got the SAML authentication information successfully. username: preloginCookie: userAuthCookie: 
2022-06-20 15:47:57.890 INFO  [6346] [GatewayAuthenticator::onSAMLLoginSuccess@175] SAML login succeeded, got the prelogin-cookie
2022-06-20 15:47:57.890 INFO  [6346] [GatewayAuthenticator::login@41] Trying to login the gateway at 
2022-06-20 15:47:57.910 ERROR [6346] [CDPCommandManager::onSocketError@86] WebSocket error1
2022-06-20 15:47:57.910 INFO  [6346] [CDPCommandManager::onSocketDisconnected@81] WebSocket disconnected
2022-06-20 15:47:58.443 INFO  [6346] [gpclient::helper::parseGatewayResponse@54] Start parsing the gateway response...
2022-06-20 15:47:58.443 INFO  [6346] [gpclient::helper::parseGatewayResponse@55] The gateway response is: ...
2022-06-20 15:47:58.443 INFO  [6346] [GPClient::onGatewaySuccess@391] Gateway login succeeded, got the cookie

why i'm seeing 'login succeeded', but stuck on "connecting..." (GUI)? I'm using the latest version 1.4.8

murilera avatar Jun 20 '22 18:06 murilera

Are there any logs logged after 2022-06-20 15:47:58.443 INFO [6346] [GPClient::onGatewaySuccess@391] Gateway login succeeded, got the cookie?

yuezk avatar Jun 21 '22 10:06 yuezk

no, after this, I'm only getting the 'connecting...' message in the GUI. nothing happens after that

murilera avatar Jun 21 '22 12:06 murilera

I was able to reach that today:

2022-06-21 10:21:22.511 INFO  [31634] [GPClient::onVPNLogAvailable@517] Openconnect started successfully, PID=31705
2022-06-21 10:21:22.514 INFO  [31634] [GPClient::onVPNLogAvailable@517] POST .....
2022-06-21 10:21:22.516 INFO  [31634] [GPClient::onVPNLogAvailable@517] Attempting to connect to server .....
2022-06-21 10:21:22.653 INFO  [31634] [GPClient::onVPNLogAvailable@517] Connected to .....
2022-06-21 10:21:22.659 INFO  [31634] [GPClient::onVPNLogAvailable@517] SSL negotiation with ....
2022-06-21 10:21:22.798 INFO  [31634] [GPClient::onVPNLogAvailable@517] Server certificate verify failed: signer not found
2022-06-21 10:21:22.798 INFO  [31634] [GPClient::onVPNLogAvailable@517] 
Certificate from VPN server ....... failed verification.
Reason: signer not found
To trust this server in future, perhaps add this to your command line:
    --servercert pin-sha256:......
Enter 'yes' to accept, 'no' to abort; anything else to view:

I think it was supposed to open a window for me to accept or deny this, but since it does not open anything I added this --servercert in the gp.conf and finally I was able to connect, but connection does not access things, I says the connection took too long and dont connect to the websites.

murilera avatar Jun 21 '22 13:06 murilera

Now I'm connected, but everything is stuck on loading when it needs the vpn connection. I tried virginia-a and oregon-a gateways, nothing seems to work. I can dig and see the endpoint address, but I'm not able to load the company's github for example...

murilera avatar Jun 21 '22 14:06 murilera

Any updates on this? I have the exact same issue since updating to Ubuntu 22...

kavehshamsi avatar Jun 23 '22 21:06 kavehshamsi

I was able to reach that today:

2022-06-21 10:21:22.511 INFO  [31634] [GPClient::onVPNLogAvailable@517] Openconnect started successfully, PID=31705
2022-06-21 10:21:22.514 INFO  [31634] [GPClient::onVPNLogAvailable@517] POST .....
2022-06-21 10:21:22.516 INFO  [31634] [GPClient::onVPNLogAvailable@517] Attempting to connect to server .....
2022-06-21 10:21:22.653 INFO  [31634] [GPClient::onVPNLogAvailable@517] Connected to .....
2022-06-21 10:21:22.659 INFO  [31634] [GPClient::onVPNLogAvailable@517] SSL negotiation with ....
2022-06-21 10:21:22.798 INFO  [31634] [GPClient::onVPNLogAvailable@517] Server certificate verify failed: signer not found
2022-06-21 10:21:22.798 INFO  [31634] [GPClient::onVPNLogAvailable@517] 
Certificate from VPN server ....... failed verification.
Reason: signer not found
To trust this server in future, perhaps add this to your command line:
    --servercert pin-sha256:......
Enter 'yes' to accept, 'no' to abort; anything else to view:

I think it was supposed to open a window for me to accept or deny this, but since it does not open anything I added this --servercert in the gp.conf and finally I was able to connect, but connection does not access things, I says the connection took too long and dont connect to the websites.

@murilera You can set the servercert parameter in /etc/gpservide/gp.conf. See https://github.com/yuezk/GlobalProtect-openconnect/wiki/Configuration#example

yuezk avatar Jun 24 '22 03:06 yuezk

Any updates on this? I have the exact same issue since updating to Ubuntu 22...

Can you provide your log files?

yuezk avatar Jun 24 '22 03:06 yuezk 

....
2022-06-23 16:36:48.761 INFO  [9170] [GPClient::onVPNLogAvailable@517] Attempting to connect to server xxxxx
2022-06-23 16:36:48.766 INFO  [9170] [GPClient::onVPNLogAvailable@517] Connected to xxxxxxx
2022-06-23 16:36:48.771 INFO  [9170] [GPClient::onVPNLogAvailable@517] SSL negotiation with xxxxx
2022-06-23 16:36:48.780 INFO  [9170] [GPClient::onVPNLogAvailable@517] Server certificate verify failed: signer not found
2022-06-23 16:36:48.780 INFO  [9170] [GPClient::onVPNLogAvailable@517] 
Certificate from VPN server "xxxxxx" failed verification.
Reason: signer not found
To trust this server in future, perhaps add this to your command line:
    --servercert pin-sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
Enter 'yes' to accept, 'no' to abort; anything else to view: 
^CCaught signal: Interrupt

Version 1.2 worked for me well on Ubuntu 20. Update to 22 broke it. Already dealt with the "gateway connection failure" by updating to 1.4.8. Stuck on "connecting" now.

kavehshamsi avatar Jun 24 '22 06:06 kavehshamsi

This seems to have fixed it for me! I installed

apt install libqt5networkauth5-dev

randomly tried it following taking a look at this bug report: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1952977

kavehshamsi avatar Jun 24 '22 06:06 kavehshamsi

log messages (I deleted the credentials):

2022-06-20 15:47:57.890 INFO  [6346] [SAMLLoginWindow::checkSamlResult@80] Checking the authentication result...
2022-06-20 15:47:57.890 INFO  [6346] [SAMLLoginWindow::checkSamlResult@97] Got the SAML authentication information successfully. username: preloginCookie: userAuthCookie: 
2022-06-20 15:47:57.890 INFO  [6346] [GatewayAuthenticator::onSAMLLoginSuccess@175] SAML login succeeded, got the prelogin-cookie
2022-06-20 15:47:57.890 INFO  [6346] [GatewayAuthenticator::login@41] Trying to login the gateway at 
2022-06-20 15:47:57.910 ERROR [6346] [CDPCommandManager::onSocketError@86] WebSocket error1
2022-06-20 15:47:57.910 INFO  [6346] [CDPCommandManager::onSocketDisconnected@81] WebSocket disconnected
2022-06-20 15:47:58.443 INFO  [6346] [gpclient::helper::parseGatewayResponse@54] Start parsing the gateway response...
2022-06-20 15:47:58.443 INFO  [6346] [gpclient::helper::parseGatewayResponse@55] The gateway response is: ...
2022-06-20 15:47:58.443 INFO  [6346] [GPClient::onGatewaySuccess@391] Gateway login succeeded, got the cookie

why i'm seeing 'login succeeded', but stuck on "connecting..." (GUI)? I'm using the latest version 1.4.8

I implemented it in my environment and I also got this "connecting" symptom. I installed through the git package and also the "libqt5networkauth5 pkg-config libsecret-1-dev libqt5keychain1" libraries. Once installed, it already changed the status to "connected"

augustodoug avatar Oct 17 '22 20:10 augustodoug