GlobalProtect-openconnect icon indicating copy to clipboard operation
GlobalProtect-openconnect copied to clipboard

Published 20 hours ago verified publisher icon yuezk

Log out instantly after connected with gateway successfully

Open mahadmughal opened this issue 1 year ago • 3 comments

Describe the bug The client logs out instantly after connected my gateway 'access.nhc.sa'

Expected behavior It should stay connected. Yesterday, it was connected.

Screenshots If applicable, add screenshots to help explain your problem.

Logs VPN connectivity may be disabled or limited without HIP report submission. You need to provide a --csd-wrapper argument with the HIP report submission script. [2024-04-24T05:35:18Z INFO openconnect::ffi] ESP session established with server [2024-04-24T05:35:18Z INFO openconnect::ffi] ESP tunnel connected; exiting HTTPS mainloop. mkdir: cannot create directory ‘/var/run/vpnc’: Permission denied [2024-04-24T05:35:19Z WARN openconnect::ffi] Failed to bind local tun device (TUNSETIFF): Operation not permitted [2024-04-24T05:35:19Z WARN openconnect::ffi] To configure local networking, openconnect must be running as root See https://www.infradead.org/openconnect/nonroot.html for more information mkdir: cannot create directory ‘/var/run/vpnc’: Permission denied [2024-04-24T05:35:19Z WARN openconnect::ffi] Failed to bind local tun device (TUNSETIFF): Operation not permitted [2024-04-24T05:35:19Z WARN openconnect::ffi] To configure local networking, openconnect must be running as root See https://www.infradead.org/openconnect/nonroot.html for more information Set up tun device failed [2024-04-24T05:35:19Z INFO openconnect::ffi] POST https://access.nhc.sa/ssl-vpn/logout.esp [2024-04-24T05:35:19Z INFO openconnect::ffi] SSL negotiation with access.nhc.sa [2024-04-24T05:35:19Z INFO openconnect::ffi] Connected to HTTPS on access.nhc.sa with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) [2024-04-24T05:35:19Z INFO openconnect::ffi] Logout successful. [2024-04-24T05:35:19Z INFO openconnect::ffi] openconnect_mainloop returned -5, exiting

Environment:

  • OS: [e.g. Ubuntu 22.04]
  • Desktop Environment: [e.g. GNOME or KDE]
  • Output of ps aux | grep 'gnome-keyring\|kwalletd5' | grep -v grep: [Required for secure store error]
  • Is remote SSH? [Yes/No] No

Additional context Add any other context about the problem here.

mahadmughal avatar Apr 24 '24 05:04 mahadmughal

Hi @mahadmughal, you should run the command with sudo.

yuezk avatar Apr 24 '24 06:04 yuezk

@yuezk, resolved with sudo. Many thanks, my friend.

Secondly, I could access not all the sites but few. Why is this case ? Is CLI version providing limited access ? If yes then how should I resolve this issue. Should I use GUI version instead for full access ?

You may get an idea from above logs I have pasted.

Please comment :)

mahadmughal avatar Apr 25 '24 13:04 mahadmughal

Hi @mahadmughal The CLI version doesn't limit access, if you have limited access with the CLI version, it could be the same for the GUI version.

yuezk avatar Apr 27 '24 08:04 yuezk