Linux – Openconnect won’t connect in Arch Linux

arch linux, openconnect, vpn

I have been having some problems with openconnect in my Arch Linux (Antergos to be precise) and I have no idea what's causing it. (Although I'm used to Linux and all, I'm very new to VPNs and openconnect.)

I'm trying to connect to my University's VPN via 2 methods. I start by following the instructions, which simply say to create a Cisco AnyConnect Compatible VPN and input the name and gateway.

When I do it this way and try to connect via the network-manager applet it doesn't work. When I flip the VPN switch it simply flips right back immediately and that's it. No error messages or anything.

The second approach I'm trying is via the command line. So I try this:

$ sudo openconnect -u myusername my.gateway.edu

(I'm replacing the actual gateway with my.gateway.edu and also the username and blurring relevant IPs from now on)

This is the log I get from that input:

POST https://my.gateway.edu/
Connected to 164.**.**.**:443
SSL negotiation with my.gateway.edu
Server certificate verify failed: signer not found

Certificate from VPN server "my.gateway.edu" failed verification.
Reason: signer not found
To trust this server in future, perhaps add this to your command line:
    --servercert sha256:bb2476a96b88357fe74f28a347ba549a2af4bea8668e30a77e1a8295f466bfdc
Enter 'yes' to accept, 'no' to abort; anything else to view: yes
Connected to HTTPS on my.gateway.edu
Got HTTP response: HTTP/1.1 401 Unauthorized
Error generating GSSAPI response:
gss_init_sec_context(): Unspecified GSS failure.  Minor code may provide more information
gss_init_sec_context(): SPNEGO cannot find mechanisms to negotiate
Server 'my.gateway.edu' requested Basic authentication which is disabled by default
GET https://my.gateway.edu/
Connected to 164.**.**.**:443
SSL negotiation with my.gateway.edu
Server certificate verify failed: signer not found
Connected to HTTPS on my.gateway.edu
Got HTTP response: HTTP/1.1 401 Unauthorized
No more authentication methods to try
GET https://my.gateway.edu/
Please enter your username.
POST https://my.gateway.edu/auth
Please enter your password.
Password:
POST https://my.gateway.edu/auth
Got CONNECT response: HTTP/1.1 200 CONNECTED
CSTP connected. DPD 90, Keepalive 32400
Connected as 169.**.***.**, using SSL
DTLS handshake failed: Resource temporarily unavailable, try again.
Failed to open tun device: No such device
Set up tun device failed
Unknown error; exiting.

I have asked the University's IT support but they also don't know what's happening (I think they're not very familiar with Arch Linux). I have tried some other things such as using the flag --script /etc/vpnc/vpnc-script but the result is the same.

EDIT

I have recently come across this website via the IT people that says that I have to create a tunnel device before connecting. Even after doing that the results of sudo openconnect -u myusername my.gateway.edu --interface tun1 are still the same.

Best Answer

I just had this problem. The solution above didn't work for me, but after a bit of Googling, I found this thread which explains/hypothesizes that the issue was caused by pacman -Syu, which caused the kernel to be updated; as a result, there are some mismatches, which can be solved by simply restarting the computer.
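
One way to confirm the kernel mismatch the answer describes before rebooting, as an added example that is not part of the original post or of openconnect: it checks whether the running kernel still has a module tree from which `tun` can be loaded. The function name `check_tun`, its messages and its return codes are hypothetical, and the default paths assume Arch's `/usr/lib/modules` layout.

```shell
#!/bin/sh
# Diagnose "Failed to open tun device: No such device" after a kernel upgrade.
# All four arguments are optional; they exist so the check can be pointed
# at a test tree instead of the live system.

check_tun() {
    release="${1:-$(uname -r)}"        # running kernel release
    modroot="${2:-/usr/lib/modules}"   # where the kernel package installs modules
    tundev="${3:-/dev/net/tun}"        # device node openconnect opens
    loaded="${4:-/proc/modules}"       # list of currently loaded modules

    # tun already loaded: the kernel side is fine, only the node can be missing.
    if [ -r "$loaded" ] && grep -q '^tun ' "$loaded"; then
        if [ -c "$tundev" ]; then echo "ok: tun loaded"; return 0; fi
        echo "no-device-node: tun is loaded but $tundev is missing"; return 3
    fi

    # No module tree for the running kernel: the kernel package was upgraded
    # and the old modules removed, so tun cannot be loaded until a reboot.
    if [ ! -d "$modroot/$release" ]; then
        newest=$(ls -1 "$modroot" 2>/dev/null | sort -V | tail -n 1)
        echo "reboot-needed: running $release, installed modules: ${newest:-none}"
        return 1
    fi

    # Tree exists: tun is either loadable on demand or built into the kernel.
    if find "$modroot/$release" -name 'tun.ko*' 2>/dev/null | grep -q .; then
        echo "loadable: run 'modprobe tun' as root"; return 0
    fi
    if grep -qs '/tun\.ko' "$modroot/$release/modules.builtin"; then
        echo "ok: tun built in"; return 0
    fi
    echo "missing: no tun module for $release"; return 2
}
```

Source the file and call `check_tun` with no arguments to test the live system; a `reboot-needed` result matches the situation in the answer.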
