Nikos Mavrogiannopoulos
Nikos Mavrogiannopoulos
I think this may relate to the priority windows sets to interfaces. What is the output of "netstat -rn" in your system?
Also does changing the priority of the tap adapter as in http://stackoverflow.com/questions/7785874/setting-network-adapter-metric-priority-in-windows-7 help?
According to windows documentation the DNS server of the "preferred adapter" is queried first. If that's correct we'll need a way to set the VPN adapter as the "preferred". https://technet.microsoft.com/en-us/library/dd197552%28WS.10%29.aspx
A solution may be to replace the DNS servers on default adapter as in: http://superuser.com/questions/463096/change-dns-with-script We would need to store the old value though and reset them on disconnect. If...
Could you include gnutls' debugging messages to the log? If you set GNUTLS_DEBUG_LEVEL=4 in the environment of the server you will get more info about the issues. From the description,...
> As I don't know how to force "GNUTLS_DEBUG_LEVEL=4" in Windows (I added it to environment variable but no log is created in TEMP folder) so I am adding some...
Oh, as I see now this log is only available if openconnect-gui is compiled with special GNUTLS_DEBUG flag. Otherwise the errors are printed to stderr and in windows I don't...
``` openssl pkcs12 -in cert.pfx -clcerts -nokeys -out vpncert.pem openssl pkcs12 -in cert.pfx -nocerts -out vpnkey.pem ``` I can verify that the interface freezes with these keys (I attach a...
Btw, a pfx (pkcs12) file should have worked as well. However trying one it seems that auto-detection fails. If I PEM-encode the PKCS12 file it seems to try to load...