Discussion:
No address available for SVC connection.
Jonathan Schultz
2013-09-11 22:45:05 UTC
Permalink
Hello folks,

I've been using openconnect for a few months on my Debian/unstable
system and it's been working pretty well. However I recently upgraded to
version 5.01 and now it doesn't work at all. The main message I get is:
VPN service unavailable; reason: No address available for SVC connection.

On a different computer I have access to running some version of Ubuntu
with openconnect 3.15 the same connection still works fine.

I'm happy to provide whatever additional information might help identify
the problem if someone could point the way.

Many thanks,
Jonathan
David Woodhouse
2013-09-12 07:42:50 UTC
Permalink
Post by Jonathan Schultz
Hello folks,
I've been using openconnect for a few months on my Debian/unstable
system and it's been working pretty well. However I recently upgraded to
VPN service unavailable; reason: No address available for SVC connection.
On a different computer I have access to running some version of Ubuntu
with openconnect 3.15 the same connection still works fine.
I'm happy to provide whatever additional information might help identify
the problem if someone could point the way.
If you use OpenConnect 5.01 with the --no-xmlpost option, does it work?
--
David Woodhouse Open Source Technology Centre
***@intel.com Intel Corporation
Jonathan Schultz
2013-09-15 00:42:00 UTC
Permalink
Hi David,

Thanks for the advice.
Post by David Woodhouse
If you use OpenConnect 5.01 with the --no-xmlpost option, does it work?
Yes, that does the trick.

The openconnect manual page indicates that needing to use this option
means that I have found a bug. Can anyone advise on whether it is useful
to report it, or are we talking about a known bug?

Cheers,
Jonathan
Kevin Cernekee
2013-09-15 15:14:19 UTC
Permalink
Post by Jonathan Schultz
Post by David Woodhouse
If you use OpenConnect 5.01 with the --no-xmlpost option, does it work?
Yes, that does the trick.
The openconnect manual page indicates that needing to use this option means
that I have found a bug. Can anyone advise on whether it is useful to report
it, or are we talking about a known bug?
Yes, please post or email the entire unredacted log.

Thanks.
Jonathan Schultz
2013-09-25 03:48:01 UTC
Permalink
Sorry about the delay - I'm finally getting around to doing this. And
now I see that the behaviour has changed since I last tried. Rather than
the message I was getting before, it now appears to reject my password.
I'm not sure whether this list accepts attachments, and the log is short
anyway, so I'll just cut and paste it below. It doesn't look very
informative to me, but maybe someone can understand what it means.

Cheers,
Jonathan


$ sudo openconnect --verbose --user <redacted> remote.unimelb.edu.au/staff
POST https://remote.unimelb.edu.au/staff
Attempting to connect to server 128.250.2.50:443
SSL negotiation with remote.unimelb.edu.au
Server certificate verify failed: signer not found

Certificate from VPN server "remote.unimelb.edu.au" failed verification.
Reason: signer not found
Enter 'yes' to accept, 'no' to abort; anything else to view: yes
Connected to HTTPS on remote.unimelb.edu.au
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Wed, 25 Sep 2013 03:45:26 GMT
X-Aggregate-Auth: 1
HTTP body chunked (-2)
XML POST enabled
Password: <Type correct password here>
POST https://remote.unimelb.edu.au/
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Wed, 25 Sep 2013 03:45:28 GMT
X-Aggregate-Auth: 1
HTTP body chunked (-2)
Login failed.
Password: <etc.>
Post by Kevin Cernekee
Post by Jonathan Schultz
Post by David Woodhouse
If you use OpenConnect 5.01 with the --no-xmlpost option, does it work?
Yes, that does the trick.
The openconnect manual page indicates that needing to use this option means
that I have found a bug. Can anyone advise on whether it is useful to report
it, or are we talking about a known bug?
Yes, please post or email the entire unredacted log.
Thanks.
Loading...