cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
84089
Views
25
Helpful
49
Replies

Cisco AnyConnect Secure Mobility Client on OS X Yosemite - VPN not working if the Mac is connected via Iphone HotSpot

razvan1979
Level 1
Level 1

I have encounter a starange situation with Yosemite and Cisco AnyConnect Secure Mobility Client (all recent versions including latest 3.1.05187).

If the mac is using the internet connection of the iPhone (via Bluetooth or WiFi), when I connect with the client everything stops working, from the Internet to the traffic over the tunnel, we are using Split Tunnel with Split DNS for our internal addresses. Somehow the DNS is not working anymore.

I can ping via IP but not by name, also cannot ping any address from internet unless I add again manually the default route.

 

Anybody encounter this problem?   

2 Accepted Solutions

Accepted Solutions

WG Network Team
Level 1
Level 1

Gentlemen,

Seems that we have a solution. Try to follow this picture to enable client bypass protocol. It works for us

OR

enter "client-bypass-protocol enable" in group-policy attributes section using CLI

View solution in original post

49 Replies 49

simon.anthony
Level 1
Level 1

I can say that I also have exactly these symptoms.

I have 3.1.05187. Just upgraded to Yosemite. Split tunnel/DNS and all was fine was last week on Mountain Lion.

DNS does not work when VPN is connected using USB/Bluetooth Hotspot (i.e. tethered). Regular WiFI is fine.

 

 

 

 

Exactly the same for me. Have tried every older version of Anyconnect I can find, multiple different ASAs, 2 different iPads, 3 different iPhones, reloaded O/S from scratch, and 3 different Macbook Pros. Issue ONLY occurs when using connection to an IOS device for access when MAC is running Yosemite.

 

Has anyone had any luck with this issue or are we resigned to open a TAC case and then wait on a new version of Anyconnect to be released?

From what i have seen,  /etc/resolv.conf disappears entirely, after authenticating on AnyConnect. 

aixsam_09
Level 1
Level 1

Yes, I have the same exact problem.

davidshulman
Level 1
Level 1

I am having the same issue with employees in my company.  Anyone have an idea if this can be fixed with the AnyConnect client, or must Apple fix it?

simon.anthony
Level 1
Level 1

Just to elaborate...

There is no such issue experienced with the OS X VPN client connecting the the same ASA.

 

gavinharper13
Level 1
Level 1

We have the same issue here too. With an iPhone hotspot and Anyconnect connected the etc/resolv.conf cant be found, so basically no network activity. Disconnect Anyconnect and still using the iPhone as a hotspot and internet works. Connect to a different wireless and connect AnyConnect and it works.

Is this a Cisco or Apple issue?

Matthew Horvat
Level 1
Level 1

i am experiencing this issue as well

davidshulman
Level 1
Level 1

Any update from anyone?

I don't believe so. We still have the problem, even after the new iPhone and Yosemite updates. We have been trying all sorts. If anyone knows a walk round, that would be helpfull.

 

You can manually edit /var/run/resolv.conf and add your DNS servers there. 

The resolve.conf file gets deleted once the VPN is connected, we have tried replacing it, but still won't work. 

It returns, once we quit the VPN or connect to a non iPhone hotspot or avulse wireless network

I did this...

connect with anyconnect. the connection is successful but dns is not working. this is because the file /var/run/resolv.conf is missing. 

Start vi and add edit the file manually 

sudo vi /var/run/resolv.conf

 

add your dns information like this 

search foobar.com
nameserver 10.10.10.1
nameserver 10.10.10.2

 

 

save the file. after this my dns/vpn stuff is working.

 

 

Maybe you can set a 'static dns server' using the mac os network config UI AFTER connecting with AnyConnect. I never tried it.