On Ubuntu 16.04 I am getting the following error:
$ openconnect -v vpn.com
POST
Attempting to connect to server 1.1.1.1:443
SSL negotiation with vpn.com
Connected to HTTPS on vpn.com
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Mon, 22 Aug 2016 00:04:14 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
XML POST enabled
Error: Server asked us to run CSD hostscan.
You need to provide a suitable --csd-wrapper argument.
Failed to obtain WebVPN cookie
I tried --no-xmlpost post and got an error as well.
Here is some background:
I had Ubuntu 14.04 and was connecting to the VPN server using openconnect. Then a week ago, it stopped working with this issue. My guess is that the VPN site upgraded its Cisco VPN server to require the CSD trojan. Anyhow, I decided to upgrade to 16.04 and still have the same problem.
3 Answers
I found my answer through this post:
I did the following:
cd ~
mkdir .cisco
cd .cisco
wget
chmod +x csd-wrapper.sh
Edit the file with the vpn server:
CSD_HOSTNAME=vpnserver.com
Run the file:
./csd-wrapper.sh
Run openconnect:
sudo openconnect --csd-user=YOURLINUXUSERNAME --csd-wrapper=/home/YOURLINUXUSERNAME/.cisco/csd-wrapper.sh vpnserver.com

3

I found that I needed to specify --os=win as well. This seemed to work around a 404 response that the server was generating when attempting to download sfinst.
GET
Got HTTP response: HTTP/1.1 404 Not Found (does not exist)
Information on the 404 for sfinst issue can be found on the openconnect-devel mailing list "Connecting with Linux when the CSD is available" post.
I had success with the following command which uses the os flag and the csd-wrapper flag together:
sudo openconnect \
  --user <USERNAME> \
  --cert-expire-warning=15 \
  --certificate <CERTFILE> \
  --os=win \
  --csd-user=<USERNAME> \
  --csd-wrapper=<PATHTO>/csd-wrapper.sh \
  <e.g., vpn.company.com>

2

I had this error in Ubuntu 18.04.
I was able to connect to the server using the link below and the second answer.
Just use the -v flag:
sudo openconnect -v NAMESERVER.COM
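
A pre-flight check for the csd-wrapper.sh setup described in the answers above, added here as an example; it is not part of the original answers or of openconnect. The function names are hypothetical, and it assumes the wrapper uses CSD_HOSTNAME to decide which host it contacts.

```shell
#!/bin/sh
# Pre-flight check for a downloaded csd-wrapper.sh before it is handed to
# "sudo openconnect --csd-wrapper=...". Function names are hypothetical.

# True if the path is writable by group or others (mode string from ls -ld).
writable_by_others() {
    case "$(ls -ld "$1" | cut -c1-10)" in
        ?????w????|????????w?) return 0 ;;
        *) return 1 ;;
    esac
}
cw_fail() { echo "FAIL: $1"; cw_bad=1; }

# check_csd_wrapper WRAPPER CSD_USER VPN_HOST
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_csd_wrapper() {
    cw_file=$1 cw_user=$2 cw_host=$3 cw_bad=0

    if [ -L "$cw_file" ] || [ ! -f "$cw_file" ]; then
        cw_fail "$cw_file is not a regular file"; return 1
    fi
    [ -x "$cw_file" ] || cw_fail "wrapper is not executable (chmod +x)"

    # openconnect is started with sudo, so anyone who can rewrite the wrapper
    # or swap it inside its directory controls what openconnect executes.
    if writable_by_others "$cw_file"; then
        cw_fail "wrapper is group/world-writable"
    fi
    if writable_by_others "$(dirname "$cw_file")"; then
        cw_fail "wrapper directory is group/world-writable"
    fi

    # --csd-user is what drops privileges for the wrapper; root defeats it.
    cw_uid=$(id -u "$cw_user" 2>/dev/null) || cw_uid=
    if [ -z "$cw_user" ] || [ "$cw_user" = root ] || [ "$cw_uid" = 0 ]; then
        cw_fail "--csd-user must name a non-root account"
    fi

    # Assumption: the wrapper contacts the host named in CSD_HOSTNAME, so it
    # must be exactly the VPN server given to openconnect.
    cw_set=$(sed -n 's/^CSD_HOSTNAME=//p' "$cw_file" | tr -d "\"' \r" | tail -n 1)
    [ "$cw_set" = "$cw_host" ] || cw_fail "CSD_HOSTNAME='$cw_set', expected '$cw_host'"
    return "$cw_bad"
}

# Stand-alone use: sh check.sh ~/.cisco/csd-wrapper.sh "$USER" vpnserver.com
if [ "$#" -eq 3 ]; then check_csd_wrapper "$@"; fi
```

Reading the downloaded script itself before the first run is still necessary; this only catches the permission, privilege and hostname mistakes that are easy to make while following the steps.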