Total Pageviews

Friday, 7 June 2019

OpenConnect client extended to support ’GlobalProtect VPN‘



The official GlobalProtect VPN clients always connect first via the portal. The portal then sends a choice of one or more gateways. However, this behavior is unnecessary, and adds an additional delay in establishing a connection.
Recent versions of openconnect can connect via either the portal endpoint or the gateway endpoint:
  • If unspecified, the gateway endpoint is tried first, then the portal endpoint.
  • For the gateway, include a URL-path starting with /ssl-vpn or specify --usergroup=gateway
  • For the portal, include a URL-path starting with /global-protect or specify --usergroup=portal
    • To choose a specific gateway from the portal without further prompting, add --authgroup $GATEWAYNAME
Example of connecting via the portal interface and getting a choice of gateway servers:
$ openconnect --protocol=gp --usergroup=portal server.company.com
Please enter your username and password.
Username:
Password:
..
Connected to HTTPS on server.company.com
3 gateway servers available:
  NorthAmerica (vpn-na.company.com)
  Europe (vpn-eu.company.com)
  Asia (vpn-asia.company.com)
Please select GlobalProtect gateway.
GATEWAY: [NorthAmerica|Europe|Asia]:
...
from https://github.com/dlenski/openconnect
------
相关帖子:
http://www.briten.info/2015/02/openconnect-server-089-for-debian-7.html
http://www.briten.info/2015/02/centos-65ocservcisco-anyconnect.html

No comments:

Post a Comment