Thanks for the gist, making definite progress. Pulse now connects
through mitmdump's proxy. I get some basic logging in the console, but the /tmp
dir does not contain any logs using the command in the gist (substituting my
Pulse Secure endpoint of course).
Any ideas?
On Tue, 2018-09-04 at 05:5
Sorry, here's the forgotten Gist:
https://gist.github.com/dlenski/33bfa3a8691686d02ddaf7a51843a89a
On Tue, Sep 4, 2018 at 2:42 AM, Brandon Liles wrote:
> Client Version:
>
> Pulse Secure 5.3.4 (1183)
>
> I did install the root Fiddler MITM cert and Fiddler automatically
> creates certs on the fly
Client Version:
Pulse Secure 5.3.4 (1183)
I did install the root Fiddler MITM cert and Fiddler automatically
creates certs on the fly for the sites you visit for HTTPS decryption
if you've enabled that feature.
Right now I get stuck just after the following two requests to the
Pulse endpoint, wh
On Mon, Sep 3, 2018 at 3:39 AM, Brandon Liles wrote:
> I haven't had any success trying to MITM the Pulse Secure handshake.
> With Fiddler on Windows, after setting up HTTPS decryption, the client
> just spins saying "Connecting".
Which version of the Pulse/NC client are you testing with?
Did you
On Mon, Sep 3, 2018 at 3:27 AM, Andy Tsvetinskiy
wrote:
>
> I could compile debug versions of openconnect and test with verbose logging.
> Please let me know. Try to help
You don't need to compile any special version of openconnect. Running
`openconnect - --dump` should get you all the verbos
On Mon, Sep 3, 2018 at 2:00 AM, Andreas Gnau wrote:
>
> Hello Daniel,
> I am experiencing the same problem. Thanks for bringing this up to a wider
> audience and doing the research. I have done the same kind of research a few
> months ago and I came to the same conclusion that many encountered t
I haven't had any success trying to MITM the Pulse Secure handshake.
With Fiddler on Windows, after setting up HTTPS decryption, the client
just spins saying "Connecting".
On Mon, 2018-09-03 at 11:00 +0200, Andreas Gnau wrote:
> Hello Daniel,
> I am experiencing the same problem. Thanks for bring
Hello Daniel,
I am experiencing the same problem. Thanks for bringing this up to a
wider audience and doing the research. I have done the same kind of
research a few months ago and I came to the same conclusion that many
encountered this, but no-one found a solution.
If I remember correctly,
On Aug 29, 2018 11:43 PM, "David Woodhouse" wrote:
> On Wed, 2018-08-29 at 15:13 -0400, Brandon Liles wrote:
> >
> > Read 3 bytes of SSL record
> > < : 01 00 08
> > Server response to hostname packet is error 0x08
> > Creating SSL connection failed
>
> From distant memory, that seems remarkabl
Thanks! Here are the results.
1. I tried the hostname of a machine that is able to connect (which
incidentally has a dash in it also), I tried "localhost", still error
0x08.
2. Yes I get error 0x05 when I set the hostname to "".
3. Yes I get the same result when I remove the client cert after
au
On Wed, 2018-08-29 at 15:13 -0400, Brandon Liles wrote:
>
> Read 3 bytes of SSL record
> < : 01 00 08
> Server response to hostname packet is error 0x08
> Creating SSL connection failed
From distant memory, that seems remarkably like the error we were
getting when it's configured only to let
I decided to dive into this by Googling `"error 0x08" openconnect`,
and found many more examples of the same "error 0x08" in
response to the Juniper "vestigial auth packet."
None of them seem to have been resolved. I don't see any notable
commonalities among the reports either.
I am cc'ing Andrew
On Wed, Aug 29, 2018 at 6:46 PM, Brandon Liles wrote:
> Thanks very much for taking the time to look into this.
>
> Yes, I get the exact same result with 7.08 and with v7.08-125-
> g31b5c4a.
>
> Here is the output you requested:
>
> Attempting to connect to server xxx.xxx.xxx.xxx:443
> Connected t
Thanks very much for taking the time to look into this.
Yes, I get the exact same result with 7.08 and with v7.08-125-
g31b5c4a.
Here is the output you requested:
Attempting to connect to server xxx.xxx.xxx.xxx:443
Connected to xxx.xxx.xxx.xxx:443
Using certificate file /home/***
Using c
On Wed, Aug 29, 2018 at 12:13 PM, Brandon Liles wrote:
> I've found a few others reporting this problem, but no resolution. When
> connecting to a pulse secure endpoint, authentication is successful (I
> can see the DSID cookie in the http traffic), but when openconnect
> tries to establish the VP
I've found a few others reporting this problem, but no resolution. When
connecting to a pulse secure endpoint, authentication is successful (I
can see the DSID cookie in the http traffic), but when openconnect
tries to establish the VPN connection I get:
Read 3 bytes of SSL record
< : 01 00 08
16 matches
Mail list logo
