Comments (19)
bjdgyc
commented on August 23, 2024
我使用 anyconnect-win-4.9.05042.msi 本地测试正常,麻烦提供下用户组的配置信息
from anylink.
changchunhua2017
commented on August 23, 2024
我使用 anyconnect-win-4.9.05042.msi 本地测试正常,麻烦提供下用户组的配置信息
用户组信息
from anylink.
Echo21bash
commented on August 23, 2024
环境:
桌面 OS : Windows 10
vpn客户端 cisco anyconnect 版本 v4.9.04043作为对比,同样是这个客户端,连另一台 VPN 服务端 OpenConnect server (ocserv 1.1.1)登录正常客户端报错
cisco anyconnect 输入 pin + OTP 动态码后 ,Banner信息弹出正常 ,但下一步就报错了
服务端日志输出
2021/01/12 10:04:48 main.go:26: [Info] Server pid: 2027 2021/01/12 10:04:48 server.go:47: [Info] listen server :443 2021/01/12 10:04:48 server.go:58: [Info] Listen admin :8800 2021/01/12 10:05:30 link_tunnel.go:69: [Debug] 192.168.214.10 02:00:ac:1a:05:0e demo 2021/01/12 10:05:30 link_cstp.go:54: [Debug] DISCONNECT 192.168.214.10 2021/01/12 10:05:30 closeOnce: 192.168.214.10
使用的是自签证书吗?
from anylink.
bq1122
commented on August 23, 2024
我的也是这个错误.用的是自签证书,自签证书引起的?
from anylink.
changchunhua2017
commented on August 23, 2024
我的也是这个错误.用的是自签证书,自签证书引起的?
我用的昨天刚申请的 Let's Encrypt 泛域名公共证书 (类似 *.example.com ),非自签证书
from anylink.
Echo21bash
commented on August 23, 2024
我的也是这个错误.用的是自签证书,自签证书引起的?
我使用的自签证书,需要将p12证书导入浏览器。可以正常使用。这个报错具体原因不太清楚
from anylink.
bjdgyc
commented on August 23, 2024
这个删除掉,不正确的CIDR也会导致链接问题。
另增加了CIDR判断和返回数据的debug信息,稍后会更新
from anylink.
changchunhua2017
commented on August 23, 2024
排除路由的内容去掉了,问题依旧
服务端日志
2021/01/12 15:16:14 link_tunnel.go:69: [Debug] 192.168.214.10 02:00:ac:1a:05:0e demo
2021/01/12 15:16:14 link_cstp.go:54: [Debug] DISCONNECT 192.168.214.10
2021/01/12 15:16:14 closeOnce: 192.168.214.10
2021/01/12 15:16:14 link_tun.go:104: [Error] tun Read err 0 read tun: file already closed
anyconnect 客户端的连接日志
15:22:20 Contacting sslvpn.xxx.org.
15:22:39 User credentials entered.
15:24:21 User credentials entered.
15:24:21 Please respond to banner.
15:24:22 User accepted banner.
15:24:22 Establishing VPN session...
15:24:22 The AnyConnect Downloader is performing update checks...
15:24:22 Checking for profile updates...
15:24:22 Checking for customization updates...
15:24:23 Establishing VPN - Initiating connection...
15:24:23 Establishing VPN session...
15:24:23 Connection attempt has failed.
15:24:23 VPN session ended.
from anylink.
bq1122
commented on August 23, 2024
有没有个QQ群?
from anylink.
bq1122
commented on August 23, 2024
去Let's Encrypt申请了 证书换上去.录入ping+动态码之后.
 
from anylink.
Echo21bash
commented on August 23, 2024
去Let's Encrypt申请了 证书换上去.录入ping+动态码之后.
这个报错和我自签证书报错一样的,我是将p12证书文件加入到浏览器解决的
from anylink.
bjdgyc
commented on August 23, 2024
排除路由的内容去掉了,问题依旧
服务端日志 2021/01/12 15:16:14 link_tunnel.go:69: [Debug] 192.168.214.10 02:00:ac:1a:05:0e demo 2021/01/12 15:16:14 link_cstp.go:54: [Debug] DISCONNECT 192.168.214.10 2021/01/12 15:16:14 closeOnce: 192.168.214.10 2021/01/12 15:16:14 link_tun.go:104: [Error] tun Read err 0 read tun: file already closedanyconnect 客户端的连接日志
15:22:20 Contacting sslvpn.xxx.org. 15:22:39 User credentials entered. 15:24:21 User credentials entered. 15:24:21 Please respond to banner. 15:24:22 User accepted banner. 15:24:22 Establishing VPN session... 15:24:22 The AnyConnect Downloader is performing update checks... 15:24:22 Checking for profile updates... 15:24:22 Checking for customization updates... 15:24:23 Establishing VPN - Initiating connection... 15:24:23 Establishing VPN session... 15:24:23 Connection attempt has failed. 15:24:23 VPN session ended.
下载最新版,然后把debug信息贴一下
from anylink.
bjdgyc
commented on August 23, 2024
有没有个QQ群?
暂时没有建立
from anylink.
bjdgyc
commented on August 23, 2024
去Let's Encrypt申请了 证书换上去.录入ping+动态码之后.
使用较新版本的客户端试一下
https://gitee.com/bjdgyc/anylink-soft
from anylink.
changchunhua2017
commented on August 23, 2024
去Let's Encrypt申请了 证书换上去.录入ping+动态码之后.
使用较新版本的客户端试一下
https://gitee.com/bjdgyc/anylink-soft
@hebaodanroot 对,你需要用最新版本的 anyconnect 测试
from anylink.
changchunhua2017
commented on August 23, 2024
最新版 debug 信息 @bjdgyc
X-Cstp-Keep: true
X-Cstp-Keepalive: 20
X-Cstp-Lease-Duration: 1209600
X-Cstp-License: accept
X-Cstp-Msie-Proxy-Lockdown: true
X-Cstp-Mtu: 1399
X-Cstp-Netmask: 255.255.255.0
X-Cstp-Protocol: Copyright (c) 2004 Cisco Systems, Inc.
X-Cstp-Quarantine: false
X-Cstp-Rekey-Method: new-tunnel
X-Cstp-Rekey-Time: 172800
X-Cstp-Routing-Filtering-Ignore: false
X-Cstp-Session-Timeout: none
X-Cstp-Session-Timeout-Alert-Interval: 60
X-Cstp-Session-Timeout-Remaining: none
X-Cstp-Smartcard-Removal-Disconnect: true
X-Cstp-Split-Exclude: 0.0.0.0/255.255.255.255
X-Cstp-Split-Include:
X-Cstp-Tcp-Keepalive: false
X-Cstp-Tunnel-All-Dns: false
X-Cstp-Version: 1
X-Dtls-Keepalive: 20
X-Dtls-Mtu: 1399
X-Dtls-Port: 4433
X-Dtls-Rekey-Time: 5400
X-Dtls-Session-Id: e8de40505476305c05c84f60df1d7efe4ca513ca1a993bae5e77b3dfa162f2bc
X-Dtls12-Ciphersuite: ECDHE-ECDSA-AES128-GCM-SHA256
2021/01/13 09:34:30 link_cstp.go:54: [Debug] DISCONNECT 192.168.214.10
2021/01/13 09:34:30 closeOnce: 192.168.214.10
from anylink.
bjdgyc
commented on August 23, 2024
X-Cstp-Split-Include:
这个信息不能为空
from anylink.
changchunhua2017
commented on August 23, 2024
X-Cstp-Split-Include:
这个信息不能为空
补全后,测试问题依旧
2021/01/13 13:47:27 link_tunnel.go:70: [Debug] 192.168.214.10 02:00:ac:1a:05:0e demo
2021/01/13 13:47:27 link_tunnel.go:138: [Debug] Server: AnyLink 0.0.8
X-Cstp-Address: 192.168.214.10
X-Cstp-Client-Bypass-Protocol: false
X-Cstp-Disable-Always-On-Vpn: false
X-Cstp-Disconnected-Timeout: 18000
X-Cstp-Dns: 114.114.114.114
X-Cstp-Dns: 8.8.8.8
X-Cstp-Dpd: 30
X-Cstp-Hostname: anylink
X-Cstp-Idle-Timeout: 18000
X-Cstp-Keep: true
X-Cstp-Keepalive: 20
X-Cstp-Lease-Duration: 1209600
X-Cstp-License: accept
X-Cstp-Msie-Proxy-Lockdown: true
X-Cstp-Mtu: 1399
X-Cstp-Netmask: 255.255.255.0
X-Cstp-Protocol: Copyright (c) 2004 Cisco Systems, Inc.
X-Cstp-Quarantine: false
X-Cstp-Rekey-Method: new-tunnel
X-Cstp-Rekey-Time: 172800
X-Cstp-Routing-Filtering-Ignore: false
X-Cstp-Session-Timeout: none
X-Cstp-Session-Timeout-Alert-Interval: 60
X-Cstp-Session-Timeout-Remaining: none
X-Cstp-Smartcard-Removal-Disconnect: true
X-Cstp-Split-Exclude: 0.0.0.0/255.255.255.255
X-Cstp-Split-Exclude: 192.168.11.0/255.255.255.0
X-Cstp-Split-Include: 192.168.18.0/255.255.255.0
X-Cstp-Tcp-Keepalive: false
X-Cstp-Tunnel-All-Dns: false
X-Cstp-Version: 1
X-Dtls-Keepalive: 20
X-Dtls-Mtu: 1399
X-Dtls-Port: 4433
X-Dtls-Rekey-Time: 5400
X-Dtls-Session-Id: bf23df96a52499dcc73fc3e3afe52b9d29d2d0094bcbabefb0bf9a2db05d0105
X-Dtls12-Ciphersuite: ECDHE-ECDSA-AES128-GCM-SHA256
2021/01/13 13:47:27 link_cstp.go:54: [Debug] DISCONNECT 192.168.214.10
2021/01/13 13:47:27 closeOnce: 192.168.214.10
2021/01/13 13:47:27 link_tun.go:104: [Error] tun Read err 0 read tun: file already closed
from anylink.
bjdgyc
commented on August 23, 2024
临时建了一个qq群,可以进群讨论下
567510628
from anylink.
Related Issues (20)
- 建议修改认证方式为单独使用OTP选项或者单独使用PIN选项或者二者结合使用
- 希望可以在用户组的“权限控制“页面中添加和“路由设置”一样的编辑模式
- link_tun.go:20: [Fatal] open tun err: no such device HOT 2
- affected/package: 无法编译出主程序二进制文件 HOT 1
- Gmail QR Code無正常顯示 HOT 3
- 客户端连接报tunnel negotiation failed 401 Unauthorized HOT 6
- [docker] 创建镜像并配置好证书,用户, 客户端可以远程连接,但无法访问内网 HOT 1
- affected/package: 安全性方面增加频率控制
- affected/package: 0.12.1 使用建议
- 在线用户能否增加姓名显示 HOT 2
- 是否可以增对配置的导入导出功能,方便备份
- 希望增加用户流量统计功能
- 希望增加自定义接口名称的前缀的功能
- anylink支持能否增加支持【accept-challenge】消息,先输入密码,验证成功后再次输入TOTP验证码
- 希望可以增加企业微信的机器人发送通知.
- 功能性改进-添加防爆破功能增强安全性 HOT 1
- 不使用docker,编译server报错main.go:19:12: pattern ui: no matching files found HOT 1
- docke 容器部署,vpn能连接上,但是只能访问到docker容器的ip地址,其他地址无法访问到 HOT 2
- 失败登录的打印来源ip
- affected/package: 审计日志中用户访问日志希望能支持icmp协议访问的记录
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from anylink.