Disable DTLS on broken clients
openconnect clients using gnutls 3.6.3 to 3.6.12 send an incorrect random value. We should protect those clients by refusing DTLS negotiation when the random value is zero.
As of 2024-05-14 a change has been implemented to enforce access token expiry. If you see higher numbers of HTTP 401 responses, please check tokens that may have expired. For more details, including how to mitigate disruption, please check our docs guide on Expired Access Tokens. If you have a support contract, you may open a support ticket for additional assistance.
openconnect clients using gnutls 3.6.3 to 3.6.12 send an incorrect random value. We should protect those clients by refusing DTLS negotiation when the random value is zero.