Closed chrisant996 closed 2 years ago
Sorry for piling up work on you, I just made the module work for my config and called it good, I didn't check the other flows (as I didn't want to mess my working config).
This is the full output of vpncli state
when disconnected:
Cisco AnyConnect Secure Mobility Client (version 4.9.01095) .
Copyright (c) 2004 - 2020 Cisco Systems, Inc. All Rights Reserved.
>> state: Disconnected
>> state: Disconnected
>> state: Disconnected
>> notice: Ready to connect.
>> registered with local VPN subsystem.
VPN>
and this is the full output of vpncli state
when connected:
Cisco AnyConnect Secure Mobility Client (version 4.9.01095) .
Copyright (c) 2004 - 2020 Cisco Systems, Inc. All Rights Reserved.
>> state: Connected
>> state: Connected
>> state: Connected
>> registered with local VPN subsystem.
VPN>
Looking at the command options i see there's a vpncli stats
command which has the following outputs.
But the command itself takes longer to complete running, about 1.5-2s (vpn state
takes 200-500ms)
Disconnected:
Cisco AnyConnect Secure Mobility Client (version 4.9.01095) .
Copyright (c) 2004 - 2020 Cisco Systems, Inc. All Rights Reserved.
>> state: Disconnected
>> state: Disconnected
>> notice: Ready to connect.
>> registered with local VPN subsystem.
VPN>
[ Connection Information ]
Connection State: Disconnected
Tunnel Mode (IPv4): Not Available
Tunnel Mode (IPv6): Not Available
Dynamic Tunnel Exclusion: Not Available
Dynamic Tunnel Inclusion: Not Available
Duration: 00:00:00
Session Disconnect: None
Management Connection State: Disconnected (disabled)
[ Address Information ]
Client Address (IPv4): Not Available
Client Address (IPv6): Not Available
Server Address: Not Available
[ Bytes ]
Bytes Sent: 0
Bytes Received: 0
[ Frames ]
Packets Sent: 0
Packets Received: 0
[ Control Frames ]
Control Packets Sent: 0
Control Packets Received: 0
[ Client Management ]
Administrative Domain: Not Available
Profile Name: Not Available
[ Transport Information ]
Protocol: Unknown
Cipher: Unknown
Compression: None
Proxy Address: Not Available
FIPS Mode: Disabled
[ Feature Configuration ]
FIPS Mode: Disabled
Trusted Network Detection: Enabled
Always On: Disabled
[ Secure Mobility Solution ]
Network Status: Available
Appliance: Not Available
SMS Status: Not Available
VPN>
Connected (I redacted the server name in notice: Connected to
, normally it's a valid hostname and I changed some of the IP addresses)
Cisco AnyConnect Secure Mobility Client (version 4.9.01095) .
Copyright (c) 2004 - 2020 Cisco Systems, Inc. All Rights Reserved.
>> state: Connected
>> state: Connected
>> registered with local VPN subsystem.
>> state: Connected
>> notice: Connected to vpn--redacted--02.gw.--redacted--.org.
VPN>
[ Connection Information ]
Connection State: Connected
Tunnel Mode (IPv4): Split Exclude
Tunnel Mode (IPv6): Drop All Traffic
Dynamic Tunnel Exclusion: None
Dynamic Tunnel Inclusion: None
Duration: 00:00:28
Session Disconnect: 23 Hours 59 Minutes Remaining
Management Connection State: Disconnected (user tunnel active)
[ Address Information ]
Client Address (IPv4): 10.238.240.197
Client Address (IPv6): Not Available
Server Address: 84.21.34.333
[ Bytes ]
Bytes Sent: 259597
Bytes Received: 2033410
[ Frames ]
Packets Sent: 1916
Packets Received: 2372
[ Control Frames ]
Control Packets Sent: 2
Control Packets Received: 1
[ Client Management ]
Administrative Domain: Undefined
Profile Name: Not Available
[ Transport Information ]
Protocol: DTLSv1.2
Cipher: ECDHE_ECDSA_AES256_GCM_SHA384
Compression: None
Proxy Address: Not Available
FIPS Mode: Disabled
[ Feature Configuration ]
FIPS Mode: Disabled
Trusted Network Detection: Enabled
Always On: Disabled
[ Secure Mobility Solution ]
Network Status: Network Access: Restricted
Appliance: Not Available
SMS Status: Unconfirmed
[ Secured Routes (IPv4) ]
Network Subnet Host(s)
0.0.0.0 0
[ Secured Routes (IPv6) ]
Network Subnet Host(s)
[ Non-Secured Routes (IPv4) ]
Network Subnet Host(s)
333.222.128.0 22
333.222.0.0 16
333.222.0.0 15
333.222.0.0 14
333.222.32.0 22
333.222.140.0 22
333.222.6.152 31
333.222.160.0 20
333.222.0.0 13
333.222.18.10 31
333.222.33.215 32
333.222.197.215 32
333.222.0.0 16
333.222.0.0 14
333.222.0.0 17
333.222.0.0 15
333.222.64.0 18
333.222.0.0 14
333.222.78.88 32
333.222.151.216 32
333.222.127.197 32
333.222.245.115 32
333.222.1.120 32
333.222.248.32 29
333.222.252.192 28
333.222.2.128 25
333.222.151.0 25
333.222.58.0 25
333.222.227.192 26
333.222.155.0 25
333.222.145.0 25
333.222.130.0 25
333.222.59.128 25
333.222.45.128 25
333.222.172.128 25
333.222.67.0 25
333.222.96.24 29
333.222.48.16 29
333.222.16.16 29
333.222.208.16 29
333.222.48.8 29
333.222.208.104 29
333.222.255.0 25
333.222.218.128 25
333.222.72.16 29
333.222.13.120 29
333.222.170.128 25
333.222.193.136 29
333.222.1.16 29
333.222.0.0 18
333.222.120.16 29
333.222.181.128 29
333.222.165.168 29
333.222.120.64 29
333.222.72.32 29
333.222.32.136 29
333.222.16.168 29
333.222.128.0 18
333.222.56.0 25
333.222.4.128 25
333.222.128.0 17
333.222.136.0 22
333.222.40.0 22
333.222.128.0 17
333.222.0.0 14
333.222.0.0 14
333.222.6.156 31
333.222.7.190 31
333.222.9.156 31
333.222.3.0 24
333.222.140.6 32
333.222.6.171 32
333.222.126.169 32
333.222.125.22 32
333.222.240.113 32
333.222.91.243 32
333.222.237.237 32
333.222.155.234 32
333.222.203.190 32
333.222.51.76 32
333.222.126.215 32
333.222.21.67 32
333.222.185.18 32
333.222.56.180 32
333.222.161.139 32
333.222.94.2 32
333.222.75.62 32
333.222.150.191 32
333.222.160.207 32
333.222.23.189 32
333.222.119.141 32
333.222.106.116 32
333.222.25.96 32
333.222.165.82 32
333.222.218.198 32
333.222.156.154 32
333.222.230.91 32
333.222.62.195 32
333.222.11.144 32
333.222.60.1 32
333.222.0.0 14
333.222.47.9 32
333.222.47.171 32
333.222.47.172 32
333.222.28.19 32
333.222.173.190 32
333.222.250.241 32
333.222.111.143 32
333.222.81.200 32
333.222.19.161 32
333.222.232.200 32
333.222.48.200 32
333.222.215.201 32
333.222.34.200 32
333.222.232.200 32
333.222.19.97 32
333.222.52.147 32
333.222.21.175 32
333.222.39.108 32
333.222.208.0 24
333.222.213.0 24
333.222.219.0 24
333.222.224.0 24
333.222.246.0 24
333.222.253.0 24
333.222.1.5 32
333.222.186.176 32
333.222.111.114 32
333.222.138.82 32
333.222.176.163 32
333.222.149.89 32
333.222.132.123 32
333.222.99.124 32
333.222.116.16 32
333.222.173.0 24
[ Non-Secured Routes (IPv6) ]
Network Subnet Host(s)
VPN>
As the module only displays a colored icon depending on the state of vpn/proxy env vars what should it do in no-icons mode ? Disable itself completely ?
Huh. It looked like AnyConnect can connect to different "profiles". I figured it would be able to say which profile it was connected to. But apparently it doesn't tell you what you're connected to. Just seemed odd to not be able to know what you're connected to, but I guess that's how it is. 🤷♂️
For no-icons, it can show text like "Connected" and "Disconnected" (and "AnyConnect" when it doesn't know yet or when vpncli
fails to run).
I'll finish making the changes this evening; I didn't quite finish them last night.
Committed as febc9c80d4a093566d6ca39b579fc018982dc5e4.
The new AnyConnect module is missing support for some flexprompt features and modes.
What I've noticed so far:
Also, @eblis, could you share the output from
vpncli.exe state
when a connection is established? Is there some way to find out which connection is established, so that the name can be optionally reported in the prompt text?I'll address most of the missing issues, but I can't find any information on vpncli commands and their output (internet searches are littered with fake sites for related keywords).