Bug 1399520

Summary: openconnect
Product: [Fedora] Fedora EPEL Reporter: Ilyas B Arinov <arinov.ilyas>
Component: openconnectAssignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: epel7CC: dwmw2, nmavrogi
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-10-27 10:10:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Ilyas B Arinov 2016-11-29 09:07:00 UTC 
Description of problem: Connection lost after first DPD was sent.


Version-Release number of selected component (if applicable): 7.06

 
How reproducible: Create and start openconnect connection in terminal or with NetworkManager in Gnome.


Steps to Reproduce:
1. Open the terminal.
2. Start openconnect connection to any Cisco VPN host with -v option.
3. Enter your username and password.
4. Ping any internal VPN resource and wait for DPD check.
5. The connection will be interrupted after you will receive DPD.

Actual results:
A minute of connection is the best you can today with this package.

Expected results:
Uninterrupted stable connection with openconnect. 

Additional info:
In RHEL 7 the connection is stable.

The openconnect output:

Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-128-CBC)-(SHA1).
Send CSTP Keepalive
Send CSTP DPD
Got CSTP DPD response
Send CSTP Keepalive
Send CSTP DPD
Send CSTP DPD
Send DTLS DPD
Send CSTP DPD
CSTP Dead Peer Detection detected dead peer!
Comment 1 Nikos Mavrogiannopoulos 2016-11-29 12:57:30 UTC 
Hi Ilyas, I am unsure about the comment "in RHEL7 the connection is stable". Does it mean that the issue reported applies to Centos7 only?
Comment 2 Ilyas B Arinov 2016-12-02 08:37:12 UTC 
(In reply to Nikos Mavrogiannopoulos from comment #1)
> Hi Ilyas, I am unsure about the comment "in RHEL7 the connection is stable".
> Does it mean that the issue reported applies to Centos7 only?

Yes, check this issue to confirm it. I have some reason to doubt (sure about 192.168.1.x networks, but it seems the different networks the connection is stable).
Comment 3 Nikos Mavrogiannopoulos 2018-10-27 10:10:43 UTC 
I believe that this is a local networking issue, that is unrelated with openconnect. I'd suggest to re-open a new issue if this persists with more data that make apparent that this is an issue in openconnect, and is not related to local network.