Description of problem: Can't connect to VPN under Fedora 24, but on Windows 10 Cisco AnyConnect client connect fine. Version-Release number of selected component (if applicable): # rpm -q openconnect openconnect-7.06-4.fc24.x86_64 How reproducible: # openconnect -vvv 85.248.4.70 POST https://85.248.4.70/ Attempting to connect to server 85.248.4.70:443 SSL negotiation with 85.248.4.70 Server certificate verify failed: signer not found Certificate from VPN server "85.248.4.70" failed verification. Reason: signer not found Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on 85.248.4.70 Got HTTP response: HTTP/1.0 302 Temporary moved Set-Cookie: tg=0WlYtR2xvYmFs; path=/; secure Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 10 May 2016 18:32:55 GMT X-Frame-Options: SAMEORIGIN Location: /+webvpn+/index.html HTTP body length: (0) GET https://85.248.4.70/ Attempting to connect to server 85.248.4.70:443 SSL negotiation with 85.248.4.70 Server certificate verify failed: signer not found Connected to HTTPS on 85.248.4.70 Got HTTP response: HTTP/1.0 302 Temporary moved Set-Cookie: tg=0WlYtR2xvYmFs; path=/; secure Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Tue, 10 May 2016 18:32:55 GMT X-Frame-Options: SAMEORIGIN Location: /+webvpn+/index.html HTTP body length: (0) GET https://85.248.4.70/+webvpn+/index.html SSL negotiation with 85.248.4.70 Server certificate verify failed: signer not found Connected to HTTPS on 85.248.4.70 Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnlogin=1; secure X-Frame-Options: SAMEORIGIN X-Transcend-Version: 1 HTTP body chunked (-2) Please enter your username and password. Username:east-kronospan\nasibu1 Password: POST https://85.248.4.70/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnlogin=1; secure X-Frame-Options: SAMEORIGIN X-Transcend-Version: 1 HTTP body chunked (-2) Login denied. Your environment does not meet the access criteria defined by your administrator. Please enter your username and password. Username:
Apologies for the delay in responding to this. It's likely that your server is configured to refuse access to Linux clients. You can tweak the UserAgent that's presented, and even the OS that we claim to be, on the openconnect command line. But other than that, I'm not sure there's a lot we can do in a generic fashion to support this. Please ask on the openconnect-devel.org mailing list (you can just post there; you don't need to subscribe) if you need some help trying to find working settings.
*** Bug 1334890 has been marked as a duplicate of this bug. ***
Is possible add change UserAgent option in NetworkManager-openconnect-gnome? I prefer use Network manager for configuring network.