yuezk / GlobalProtect-openconnect

A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, and client certificate authentication, etc.
GNU General Public License v3.0
1.39k stars 154 forks source link

Log out instantly after connected with gateway successfully #350

Open mahadmughal opened 6 months ago

mahadmughal commented 6 months ago

Describe the bug The client logs out instantly after connected my gateway 'access.nhc.sa'

Expected behavior It should stay connected. Yesterday, it was connected.

Screenshots If applicable, add screenshots to help explain your problem.

Logs VPN connectivity may be disabled or limited without HIP report submission. You need to provide a --csd-wrapper argument with the HIP report submission script. [2024-04-24T05:35:18Z INFO openconnect::ffi] ESP session established with server [2024-04-24T05:35:18Z INFO openconnect::ffi] ESP tunnel connected; exiting HTTPS mainloop. mkdir: cannot create directory ‘/var/run/vpnc’: Permission denied [2024-04-24T05:35:19Z WARN openconnect::ffi] Failed to bind local tun device (TUNSETIFF): Operation not permitted [2024-04-24T05:35:19Z WARN openconnect::ffi] To configure local networking, openconnect must be running as root See https://www.infradead.org/openconnect/nonroot.html for more information mkdir: cannot create directory ‘/var/run/vpnc’: Permission denied [2024-04-24T05:35:19Z WARN openconnect::ffi] Failed to bind local tun device (TUNSETIFF): Operation not permitted [2024-04-24T05:35:19Z WARN openconnect::ffi] To configure local networking, openconnect must be running as root See https://www.infradead.org/openconnect/nonroot.html for more information Set up tun device failed [2024-04-24T05:35:19Z INFO openconnect::ffi] POST https://access.nhc.sa/ssl-vpn/logout.esp [2024-04-24T05:35:19Z INFO openconnect::ffi] SSL negotiation with access.nhc.sa [2024-04-24T05:35:19Z INFO openconnect::ffi] Connected to HTTPS on access.nhc.sa with ciphersuite (TLS1.2)-(ECDHE-SECP256R1)-(RSA-SHA256)-(AES-256-GCM) [2024-04-24T05:35:19Z INFO openconnect::ffi] Logout successful. [2024-04-24T05:35:19Z INFO openconnect::ffi] openconnect_mainloop returned -5, exiting

Environment:

Additional context Add any other context about the problem here.

yuezk commented 6 months ago

Hi @mahadmughal, you should run the command with sudo.

mahadmughal commented 6 months ago

@yuezk, resolved with sudo. Many thanks, my friend.

Secondly, I could access not all the sites but few. Why is this case ? Is CLI version providing limited access ? If yes then how should I resolve this issue. Should I use GUI version instead for full access ?

You may get an idea from above logs I have pasted.

Please comment :)

yuezk commented 6 months ago

Hi @mahadmughal The CLI version doesn't limit access, if you have limited access with the CLI version, it could be the same for the GUI version.