Openconnect VPN Server

zohaib09 · 07-06-2020, 12:23 PM

Hi

We have installed openconnect on Ubuntu 20.04.

Facing issue client VPN remains connected (receives ping from vpn gateway) till first http request. After first http/https/browsing request (ping start to drop forever). following error start to appear in error logs

GnuTLS error (at worker-vpn.c:795): An unexpected TLS packet was received.

Can anybody advice please?

ferrari · 07-06-2020, 06:53 PM

I don't use OpenConnect, but based on your comment about https I would suggest that you need to use a different port for OpenConnect....

https://www.alibabacloud.com/blog/ho...-server_595185

Quote:

The default port used by OpenConnect VPN is 443. Normally a port can only be used by one service. In case you want to use port 443 for another service such as running HTTPS websites on it, then you have to change ocserv listening port number to avoid conflicts.

You can do that by re-editing the /etc/ocserv/ocserv.conf file, then find the following lines and change 443 to the desired port number.

# TCP and UDP port number
tcp-port = 443
udp-port = 443

Also edit /lib/systemd/system/ocserv.socket file:

nano /lib/systemd/system/ocserv.socket

Then, change ListenStream 443 and ListenDatagram 443 to the same port number, then run the systemctl daemon-reload command.

After making these changes, save the file and exit, then restart the OpenConnect VPN server for the changes to take effect. You can do this by running the systemctl restart ocserv command.

mcroomor · 07-13-2020, 06:23 AM

I have the same issue with [link removed].

TB0ne · 07-13-2020, 08:14 AM

Quote:

Originally Posted by mcroomor

I have the same issue with client VPN.

And it has the same solution as suggested above. Use a different port.

rtmistler · 07-14-2020, 11:30 AM

Quote:

Originally Posted by mcroomor

I have the same issue with [link removed].

@mcroomor,

If you wish to advertise on the Linux Questions site, please see the links at the bottom of the page for advertising info.