garrettskj / ac_patcher

AnyConnect Patcher for Freedom
GNU General Public License v3.0

The VPN client failed to establish a connection #1

Open Infinality opened 3 years ago

Infinality commented 3 years ago

First of all, thank you for this genius solution. I've found that it only intermittently connects. Sometimes when I try, it works, and other times, I get the error that it failed to establish a connection, after clicking the "Accept" on the banner notification. I believe the auth is working, but it dies after that very last step. I've also had intermittent issues when it successfully connects, where `vpnagentd` keeps overwriting `/etc/resolv.conf` even when I: `chattr +i /etc/resolv.conf`.

It's entirely possible this is something on the VPN server side, but I wanted to see if you had any ideas.

Using version 4.9.01095

EDIT: Added debug output. vpn.txt

garrettskj commented 3 years ago

Which version of Fedora do you have? I'll install and run it and see. Also, do you know if you have any additional VPN components that are used? HostScan, Posturing, etc?

Infinality commented 3 years ago

It's 5.7.11-200.fc32.x86_64. I honestly don't know which VPN components are being used. I have had intermittent success with the following simple configuration though:

```
<?xml version="1.0" encoding="UTF-8"?>

redacted redacted IPsec
```

Infinality commented 3 years ago

I'm wondering if it's actually some version mismatch. I see this in the error log: "Skipping update of AnyConnect Secure Mobility Client 4.7.04056 because an up-to-date version is already installed."

I mean, the client should be able to tolerate an older version on the server, but this is Cisco, and I know not to assume anything. :)

EDIT: Nope, I successfully installed a patched 4.7.04056 and get the same issue. I get this with the unpatched version as well, so I'm guessing this bug is not due to anything with your patch. Sorry for the noise!

garrettskj commented 3 years ago

No worries, judging by the VPN log, it looks like perhaps it's surrounding IKEv2 (?) which I've never tested with, only SSL-based configuration. I need to test this anyway with 2028, and the new 3047, so it's a good reminder.