Insufficient configuration found using Pulse protocol
When trying to connection using the pulse protocol the two factor authentication succeeds. But the vpn connection does not, getting the response "Insufficient configuration found". Colleagues with different OS'ses (Windows, Mac, Linux) are able to connect, therefore the problem seems to be clientside.
I am running on openSuse Tumbleweed. Tried openconnect 8.10, 8.20 and 9.01. Compiling from source and using Networkmanager from disto gets the same result. Logging shows:
> sudo ./openconnect -vvv -u xxxx --no-dtls --protocol=pulse mycompany/extsms
[sudo] wachtwoord voor root:
Attempting to connect to server x.x.x.x:443
Connected to x.x.x.x:443
SSL negotiation with mycompany
Connected to HTTPS on mycompany with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA512)-(AES-256-GCM)
Got HTTP response: HTTP/1.1 101 Switching Protocols
Content-type: application/octet-stream
Pragma: no-cache
Upgrade: IF-T/TLS 1.0
Connection: Upgrade
X-XSS-Protection: 1
Strict-Transport-Security: max-age=31536000
> 0000: 00 00 55 97 00 00 00 01 00 00 00 14 00 00 00 00 |..U.............|
> 0010: 00 01 02 02 |....|
IF-T/TLS version from server: 2
> 0000: 00 00 0a 4c 00 00 00 88 00 00 00 47 00 00 00 01 |...L.......G....|
> 0010: 63 6c 69 65 6e 74 48 6f 73 74 4e 61 6d 65 3d xx |clientHostName=x|
> 0020: xx xx xx xx xx xx xx xx xx xx xx xx xx xx 20 63 |xxxxxxxxxxxxxx c|
> 0030: 6c 69 65 6e 74 49 70 3d 31 39 32 2e 31 36 38 2e |lientIp=192.168.|
> 0040: 30 2e 31 32 32 0a 00 |0.122..|
> 0000: 00 00 55 97 00 00 00 06 00 00 00 22 00 00 00 02 |..U........"....|
> 0010: 00 0a 4c 01 02 01 00 0e 01 61 6e 6f 6e 79 6d 6f |..L......anonymo|
> 0020: 75 73 |us|
AVP 0x583/0xd49: 00 00 00 04
AVP 0x583/0xd4a: 00 00 00 01
AVP 0x583/0xd56: '3c35533d-1849-42eb-9978-24936484531a'
> 0000: 00 00 55 97 00 00 00 06 00 00 00 54 00 00 00 03 |..U........T....|
> 0010: 00 0a 4c 01 02 02 00 40 fe 00 0a 4c 00 00 00 01 |..L....@...L....|
> 0020: 00 00 0d 70 80 00 00 33 00 00 05 83 4f 70 65 6e |...p...3....Open|
> 0030: 20 41 6e 79 43 6f 6e 6e 65 63 74 20 56 50 4e 20 | AnyConnect VPN |
> 0040: 41 67 65 6e 74 20 76 39 2e 30 31 2d 75 6e 6b 6e |Agent v9.01-unkn|
> 0050: 6f 77 6e 00 |own.|
AVP 79: 01 00 00 0d fe 00 0a 4c 00 00 00 02 01
Pulse password auth request, code 0x01
Enter user credentials:
Password:
> 0000: 00 00 55 97 00 00 00 06 00 00 00 58 00 00 00 04 |..U........X....|
> 0010: 00 0a 4c 01 02 03 00 44 fe 00 0a 4c 00 00 00 01 |..L....D...L....|
> 0020: 00 00 0d 6d 80 00 00 13 00 00 05 83 xx xx xx xx |...m........xxxx|
> 0030: xx xx xx 00 00 00 00 4f 40 00 00 22 02 00 00 1a |xxx....O@.."....|
> 0040: fe 00 0a 4c 00 00 00 02 02 02 0d xx xx xx xx xx |...L.......xxxxx|
> 0050: xx xx xx xx xx xx 00 00 |xxxxxx..|
AVP 0x583/0xd73: 00 00 00 0f
AVP 79: 01 01 00 27 06 50 6c 65 61 73 65 20 65 6e 74 65 72 20 79 6f 75 72 20 6f 6e 65 74 69 6d 65 20 70 61 73 73 77 6f 72 64
Pulse password general token code request
Token code request:
Please enter your secondary token information:
> 0000: 00 00 55 97 00 00 00 06 00 00 00 34 00 00 00 05 |..U........4....|
> 0010: 00 0a 4c 01 02 04 00 20 fe 00 0a 4c 00 00 00 01 |..L.... ...L....|
> 0020: 00 00 00 4f 40 00 00 13 02 01 00 0b 06 xx xx xx |...O@........xxx|
> 0030: xx xx xx 00 |xxx.|
AVP 0x583/0xd53: 'e900a8ca743ac2f37b350163d08d848f'
AVP 0x583/0xd8b: '9877621fe71b2a47'
AVP 0x583/0xd5c: 00 00 0e 10
AVP 0x583/0xd54: 'x.x.x.x/extsms'
AVP 0x583/0xd55: '1d8d3cfed3eb5139f1c853e196481637'
AVP 0x583/0xd6b: 00 00 00 10
AVP 0x583/0xd75: 00 00 00 00
AVP 0x583/0xd57: 00 00 00 00
> 0000: 00 00 55 97 00 00 00 06 00 00 00 20 00 00 00 06 |..U........ ....|
> 0010: 00 0a 4c 01 02 05 00 0c fe 00 0a 4c 00 00 00 01 |..L........L....|
Insufficient configuration found
Creating SSL connection failed
Unknown error; exiting.