[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openconnect-devel
Subject:    Re: Cannot enter 2FA code
From:       Daniel Lenski <dlenski () gmail ! com>
Date:       2022-05-17 22:56:25
Message-ID: CAOw_LSE8YwHroeqKbx-41NRD85XB92WSPww57RjS2chi1D4kmw () mail ! gmail ! com
[Download RAW message or body]

On Thu, May 12, 2022 at 2:19 PM Henry Luis
<Henry.Luis@networkedenergy.com> wrote:
> Today, openconnect prompts me for the 2FA code but does not give me the chance to \
> enter it (see the "Enter PASSCODE" line below).  The same happens when I use the \
> network manager Gnome GUI. This used to work as of yesterday.

Clearly, something must have changed on your *server*, because nothing
changed about the client *software* that you're running… right?

My educated guess from the limited information here is that the form
field sent by the server to request the 2FA code has changed in such a
way that OpenConnect doesn't recognize it as a fillable field anymore.
But that's only a guess.

1. Use `openconnect -vvv --dump` to add copious additional debugging
information. To figure this out, we'll particularly want to see the
details of the "challenge"/2FA form, sent in response to
the initial `POST https://my-vpn-dot-com/+webvpn+/index.html`.

2. You're using an old version of OpenConnect, as shown by the exact
error messages. What does `openconnect --version` show?

3. Newer versions have better error messages *and* work with servers with
newer authentication-related behavior. I'd recommend building v9.01
from source (https://www.infradead.org/openconnect/building.html) and
testing that, to see if it makes your connection work again.

Dan

_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel


[prev in list] [next in list] [prev in thread] [next in thread]