I am trying to connect to a cisco vpn with host, user name and password on CLI inside a docker container.
I tried it in two approaches
Using anyconnect-linux64-4.10.0707, it's working fine in my friend's local(ubuntu) but in my local(wsl) giving
Cisco AnyConnect Secure Mobility Client (version 4.10.07073) .Copyright (c) 2004 - 2023 Cisco Systems, Inc. All Rights Reserved.>> state: Disconnected>> state: Disconnected>> notice: Ready to connect.>> registered with local VPN subsystem.>> contacting host (https://connect.****.co.in/support) for login information...>> notice: Contacting https://connect.****.co.in/support.AnyConnect cannot verify server: connect.****.co.in - Certificate does not match the server name. - Certificate is from an untrusted source.Connecting to this server may result in a severe security compromise!Most users do not connect to untrusted servers unless the reason for the error condition is known.Connect Anyway? [y/n]: y>> Please enter your username and password.Username: [*******] *************Password:>> state: Connecting>> notice: Establishing VPN session...The AnyConnect Downloader is analyzing this computer. Please wait...Initializing the AnyConnect Downloader...The AnyConnect Downloader is performing update checks...>> notice: The AnyConnect Downloader is performing update checks...>> notice: Checking for profile updates...Failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway. Contact your system administrator.>> notice: Connection attempt has failed.>> error: AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again.>> state: Disconnectedalso having same problem in my server(ubuntu)
Using Openconnect, It's working fine in my local and also in server, but sometimes inside my docker container, it's connecting for the first time, after that if I have to connect again, it's working only if the docker is restarted. The output of the connection afer connecting for the first time is
POST https://connect.****.co.in/supportConnected to 203.175.185.45:443SSL negotiation with connect.hpcl.co.inServer certificate verify failed: signer not foundCertificate from VPN server "connect.****.co.in" failed verification.Reason: signer not foundTo trust this server in future, perhaps add this to your command line: --servercert pin-sha256:WBMBYf/0vJMIvbXJMlxLJTWhQds9c8/bFX5JQWuWXg8=Enter 'yes' to accept, 'no' to abort; anything else to view: yesConnected to HTTPS on connect.hpcl.co.in with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA512)-(AES-256-GCM)XML POST enabledPlease enter your username and password.Password:POST https://connect.****.co.in/Got CONNECT response: HTTP/1.1 200 OKCSTP connected. DPD 30, Keepalive 20Connected as 10.90.213.87, using SSL, with DTLS in progressEstablished DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(ECDHE-RSA)-(AES-256-GCM)later it's giving
/usr/sbin/openconnectgetaddrinfo failed for host 'connect.****.co.in': Temporary failure in name resolutionFailed to open HTTPS connection to connect.hpcl.co.inFailed to obtain WebVPN cookiePOST https://connect.****.co.in/supportwhat could be the possible reason
In case of anyconnect, I tried recreating the docker image, uninstall the anyconnect using vpn_uninstall.sh file and re-installing it, restarting vpnagentd service.
In case of openconnect recreated the docker.
I want to know what's the issue, Is there any alternaves other than the abve ones for connecting to a cisco vpn.