OpenConnect and Cisco Firepower AnyConnect
From OISecWiki
Since a recent Cisco Firepower update (7.2.4.1), OpenConnect no longer connects to an AnyConnect VPN.
This is because the Firepower announces TLS 1.3 as supported, but connecting then generates errors.
A quick workaround is the following:
mv /usr/sbin/openconnect /usr/sbin/openconnect-bin
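Create a new file /usr/sbin/openconnect with the following content:
#!/bin/sh
# Force TLS 1.2 so the TLS 1.3 announced by the Firepower is never negotiated
exec /usr/sbin/openconnect-bin "$@" --gnutls-priority="NORMAL:-VERS-ALL:+VERS-TLS1.2:+RSA:+AES-128-CBC:+SHA1"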
chmod +x /usr/sbin/openconnect
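OpenConnect will now connect again. The wrapper applies the TLS 1.2 restriction to every connection made through /usr/sbin/openconnect, and a package upgrade of openconnect replaces that file, so the steps have to be repeated afterwards.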
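The same steps as an idempotent script, added here as an example and not part of the original wiki page: running the manual steps twice would move the wrapper over the real binary and leave a wrapper that calls itself, which this version avoids. The names `install_wrapper`, `MARKER` and the `--install` switch are assumptions of this example; the priority string is the one from the page.

```shell
#!/bin/sh
# Added example: idempotent version of the wrapper steps above.
# MARKER, install_wrapper and --install are names made up for this example.
PRIORITY='NORMAL:-VERS-ALL:+VERS-TLS1.2:+RSA:+AES-128-CBC:+SHA1'  # from the page
MARKER='openconnect-tls12-wrapper'

install_wrapper() {
    sbin=${1:-/usr/sbin}
    wrap="$sbin/openconnect"
    real="$sbin/openconnect-bin"

    if [ ! -e "$wrap" ]; then
        echo "missing $wrap" >&2
        return 1
    fi

    if grep -qs -- "$MARKER" "$wrap"; then
        # Already our wrapper: moving it would make the wrapper call itself.
        if [ ! -x "$real" ]; then
            echo "wrapper present but $real is missing" >&2
            return 1
        fi
    else
        # First run, or a package upgrade put a fresh binary back in place.
        mv -f "$wrap" "$real" || return 1
    fi

    # Write to a temporary name and rename, so openconnect is never half-written.
    tmp="$wrap.tmp.$$"
    printf '#!/bin/sh\n# %s\nexec "%s" "$@" --gnutls-priority="%s"\n' \
        "$MARKER" "$real" "$PRIORITY" > "$tmp" || return 1
    chmod 755 "$tmp" && mv -f "$tmp" "$wrap"
}

# Run as root with: sh script.sh --install [/usr/sbin]
if [ "${1:-}" = "--install" ]; then
    install_wrapper "${2:-/usr/sbin}"
fi
```

Passing a scratch directory instead of /usr/sbin lets the script be tried against a dummy `openconnect` before touching the real one.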