-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication failure post pOTP #11
Comments
|
I am using openconnect 8.01.
Assuming I used firefox -> Shift F9 to have storage, I only saw two PHPSESSID cookies, one with / as a path and the other one with /global-protect/ as the path. gp-okta.py also seems to confirm there is no portal-userauthcookie:
There does appear to be a:
|
I haven't seen this one before, but what if you try logging connecting via the command line with
|
It returns the following: `Got HTTP response: HTTP/1.1 512 Custom error |
Here are some possibly relevant sections of the getconfig response:
|
Ah, this is the portal getconfig request. Is there no The |
There is a gateway section with multiple gatewaya defined, I took that part
out because it contains host names etc. If you want a full dump that is
obfuscated, I can paste that tomorrow.
… |
@ffainelli, full dump would definitely help. |
@arthepsy I have a couple of different behaviors, with your repository as of 2adb621 ("Debug HTTP headers.") I get the following behavior: https://gist.github.com/ffainelli/c5d0d9035b5823b20022e8c66f72e302 with @nicklan and his fork as of a7e61aa ("Pass conf where needed"), I get the following behavior:
|
Do these logs help in any way? |
I have the same problem here. |
I'm also getting this issue.
|
You can get your VPN admin to enable the cookie by following these instructions https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000boODCAY |
I am getting an authentication failure after sending the correct OTP challenge that OKTA verify produced, is this something you have seen before:
I can provide additional logs if necessary. When I do open a browser to the VPN URL gateway, it does redirect me to the page after successful authentication so something must have been working somehow.
The text was updated successfully, but these errors were encountered: