"
hi all
to start with, i am not a network specialist but a sys admin and, i need some help with opnsense.
i am trying to upse openconnect -protocol anyconnect to connect fro home to my company network.
i had to modify the script as follow to allow for OTP code send:
===============================================================================
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: opnsense-openconnect
# REQUIRE: SERVERS
# KEYWORD: shutdown
#
. /etc/rc.subr
name=openconnect
stop_cmd=openconnect_stop
start_cmd=openconnect_start
status_cmd=openconnect_status
rcvar=openconnect_enable
load_rc_config opnsense-openconnect
pidfile=/var/run/${name}.pid
command=/usr/local/sbin/${name}
secret=/usr/local/etc/openconnect.secret
#settings
user="<UserName>"
host="<Host Name>"
tmpif="tun30000"
iface="ocvpn0"
pidfile="/tmp/${iface}.pid"
script="/usr/local/sbin/vpnc-script"
openconnect="/usr/local/sbin/openconnect"
ifconfig="/sbin/ifconfig"
[ -z "$openconnect_enable" ] && openconnect_enable="NO"
openconnect_status()
{
if [ -n "$rc_pid" ]; then
echo "${name} is running as pid $rc_pid."
return 0
else
echo "${name} is not running."
fi
}
openconnect_stop()
{
if [ -n "$rc_pid" ]; then
echo "stopping openconnect"
# ifconfig ocvpn0 name tun30000
# kill -2 ${rc_pid}
$ifconfig "$tmpif" down 2>/dev/null || :
$ifconfig "$tmpif" destroy 2>/dev/null || :
$ifconfig "$iface" down 2>/dev/null || :
$ifconfig "$iface" destroy 2>/dev/null || :
else
echo "${name} is not running."
fi
}
openconnect_start()
{
echo "starting openconnect"
openconnect --background --pid-file="$pidfile" --interface="$tmpif" --user="$user" --authgroup="<Group Name>" --script="$script" -protocol=anyconnect "$host"
sleep 5
ifconfig $tmpif name $iface
ifconfig $iface group ocvpn
return 0
}
run_rc_command $
===============================================================================
as you can see blow, the connection is established and the interface put up but, around 30 seconds after, it is put down :(
see image in attachment
Any clever idea?
Best Regards
to start with, i am not a network specialist but a sys admin and, i need some help with opnsense.
i am trying to upse openconnect -protocol anyconnect to connect fro home to my company network.
i had to modify the script as follow to allow for OTP code send:
===============================================================================
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: opnsense-openconnect
# REQUIRE: SERVERS
# KEYWORD: shutdown
#
. /etc/rc.subr
name=openconnect
stop_cmd=openconnect_stop
start_cmd=openconnect_start
status_cmd=openconnect_status
rcvar=openconnect_enable
load_rc_config opnsense-openconnect
pidfile=/var/run/${name}.pid
command=/usr/local/sbin/${name}
secret=/usr/local/etc/openconnect.secret
#settings
user="<UserName>"
host="<Host Name>"
tmpif="tun30000"
iface="ocvpn0"
pidfile="/tmp/${iface}.pid"
script="/usr/local/sbin/vpnc-script"
openconnect="/usr/local/sbin/openconnect"
ifconfig="/sbin/ifconfig"
[ -z "$openconnect_enable" ] && openconnect_enable="NO"
openconnect_status()
{
if [ -n "$rc_pid" ]; then
echo "${name} is running as pid $rc_pid."
return 0
else
echo "${name} is not running."
fi
}
openconnect_stop()
{
if [ -n "$rc_pid" ]; then
echo "stopping openconnect"
# ifconfig ocvpn0 name tun30000
# kill -2 ${rc_pid}
$ifconfig "$tmpif" down 2>/dev/null || :
$ifconfig "$tmpif" destroy 2>/dev/null || :
$ifconfig "$iface" down 2>/dev/null || :
$ifconfig "$iface" destroy 2>/dev/null || :
else
echo "${name} is not running."
fi
}
openconnect_start()
{
echo "starting openconnect"
openconnect --background --pid-file="$pidfile" --interface="$tmpif" --user="$user" --authgroup="<Group Name>" --script="$script" -protocol=anyconnect "$host"
sleep 5
ifconfig $tmpif name $iface
ifconfig $iface group ocvpn
return 0
}
run_rc_command $
===============================================================================
as you can see blow, the connection is established and the interface put up but, around 30 seconds after, it is put down :(
see image in attachment
Any clever idea?
Best Regards
