$reason not set
sparrowek opened this issue · comments
When running:
openconnect -v --script-tun -u test -c /vpn/cert.pem -s 'vpn-slice 10.0.0.0/8' server
I get error:
Must be called as vpnc-script, with $reason set
I also get errors:
Failed to read from SSL socket: The transmitted packet is too large (EMSGSIZE).
Failed to recv DPD request (1406)
openconnect --version
OpenConnect version v8.02-1+deb10u1
Using GnuTLS. Features present: TPMv2, PKCS#11, RSA software token, HOTP software token, TOTP software token, Yubikey OATH, System keys, DTLS, ESP
Supported protocols: anyconnect (default), nc, gp
You've specified --script-tun
, meaning that you're trying to run OpenConnect's proxy mode rather than direct routing mode.
vpn-slice
doesn't support this. If you're using the proxy mode, then no OS-level routing or DNS configuration is needed. You need to run ocproxy
.
A patch to update the docs, or to detect it and give a clearer error in vpn-slice
… that would be quite welcome.
I also get errors:
Failed to read from SSL socket: The transmitted packet is too large (EMSGSIZE).
Failed to recv DPD request (1406)
These aren't related to vpn-slice
. They come from OpenConnect's MTU detection routines (https://gitlab.com/openconnect/openconnect/-/issues/157), which have been considerably improved post OpenConnect v8.02.