-
-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Connection keeps resetting, error message GPST Dead Peer Detection detected dead peer! #364
Comments
Looks related to https://gitlab.com/openconnect/openconnect/-/issues/701 Can you try it with submitting HIP? |
Tried, HIP error message goes away but connectivity problem persists. |
For me today, with my organization's UK gateway, |
That's very helpful. I'm adding |
That addition, in today's https://github.com/yuezk/GlobalProtect-openconnect/releases/tag/v2.3.0, got me in for the first time with the 2.x code. |
@martindorey so the @yjjl can you try 2.3.0 with the |
To the particular gateway I was using above, in somewhere between five and ten trials, I've got in with ssh every time with |
Hi, 2024-05-21T09:53:46Z INFO openconnect::ffi] Tunnel timeout (rekey interval) is 180 minutes. tried both of Any ideas what could be the issue here? |
I should add that error message reappears whenever I try to make a new connection (e.g. open a web page). |
@yjjl can you try with the
|
Authentication doesn't work that way, get the following error message: xxx.xx I've tried to complete the SAML authentication by opening the link and then running openconnect but the same issue reappears. |
Same issue here, we don't use any SSO so I can provide the requested logs (no difference with/without
For completeness sake, logs without
|
Hi, I have the same problem as @yjjl I'm using SAML authentication via Okta. Tested the same things, same outcome. In my case, once the connection has been made, there is almost no traffic, but somehow a few (very few) packets are able to reach the target and back (i.e., during a continuous ping). Tried to play with the MTU, no success. |
Update - today I managed to get it to run without having made any changes (other than the --disable-ipv6 flag). The connection is extremely intermittent and frequently disconnects completely, but at least works some of the time unlike before although not reliably enough to be useable. I suspect there have been changes server-side but our central IT staff are not very transparent about any changes. |
Used to work until recently, no known changes server-side
SAML authentication works, but no internet connectivity once connection has been made.
Connection information returns Default route 0.0.0.0 for tun interface
Output below
Command line output:
Logs
GUI log: (same issues)
Environment:
ps aux | grep 'gnome-keyring\|kwalletd5' | grep -v grep
: [Required for secure store error]xx 1663 0.0 0.0 243840 7576 ? Sl 16:16 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login
xx 5423 0.0 0.0 243696 8960 ? Sl 16:23 0:00 /usr/bin/gnome-keyring-daemon --start --foreground --components=secrets
The text was updated successfully, but these errors were encountered: