01-21-2016 09:42 PM
Just upgraded my Mac to OS X 10.11.4 Beta (15E27e). Running Cisco AnyConnect Secure Mobility Client version 4.1.08005. I am unable to connect to our corporate SAS VPN. I receive the following messages. Please help!
12:29:09 AM The AnyConnect Downloader is performing update checks...
12:29:09 AM Checking for profile updates...
12:29:09 AM Checking for product updates...
12:29:09 AM Checking for customization updates...
12:29:09 AM Performing any required updates...
12:29:09 AM The AnyConnect Downloader updates have been completed.
12:29:09 AM Establishing VPN session...
12:29:09 AM Establishing VPN - Initiating connection...
12:29:09 AM Establishing VPN - Examining system...
12:29:09 AM Establishing VPN - Activating VPN adapter...
12:29:09 AM Establishing VPN - Configuring system...
12:29:11 AM Disconnect in progress, please wait...
12:29:11 AM The VPN client was unable to successfully verify the IP forwarding table modifications. A VPN connection will not be established.
12:29:11 AM AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again.
01-21-2016 10:32 PM
If you just did an upgrade try removing the VPN client and re-installing it.
01-21-2016 11:55 PM
I would say this is expected behavior with beta-software.
In addition to reinstalling the client, I would try the newest AC 4.2 which is slightly newer.
01-24-2016 12:23 PM
Thanks for the suggestions guys.
I tried removing then reinstalling the VPN client — no good. I ended up having to do a clean reinstall of OS X 10.11.3. Lesson learned, no more beta operating systems on production computers. That's what VMs are for, right? :-)
01-24-2016 12:51 PM
And keep looking at the AnyConnect release notes if there is an announcement of compatibility.
03-28-2016 08:47 PM
Just update on phase 1 of your VPN, add DH group 14 and that will fix the issue, it appears that OSX 10.11.4, requires a minimum of a 2048 bit modulus (DH Group 14) to connect to IPSec VPNs.
01-13-2020 07:50 AM
You can try the following procedure in your MAC, with this workaround is working.
macOS Catalina 10.15.2 (19C57)
Any Connect Version 4.6.01103
LOGS
BEFORE
21:17:29 User credentials entered.
21:17:40 User credentials entered.
21:17:41 Establishing VPN session...
21:17:42 The AnyConnect Downloader is performing update checks...
21:17:42 Checking for profile updates...
21:17:42 Checking for product updates...
21:17:42 Checking for customization updates...
21:17:42 Performing any required updates...
21:17:42 The AnyConnect Downloader updates have been completed.
21:17:42 Establishing VPN session...
21:17:42 Establishing VPN - Initiating connection...
21:17:42 Establishing VPN - Examining system...
21:17:42 Establishing VPN - Activating VPN adapter...
21:17:42 Establishing VPN - Configuring system...
21:17:44 Disconnect in progress, please wait...
21:17:45 Ready to connect.
21:17:45 Connection attempt has failed.
21:17:45 Ready to connect.
22:19:09 Ready to connect.
13/01/20
AFTER
9:31:19 Ready to connect.
9:41:14 Contacting ANYCONNECT
9:41:22 User credentials entered.
9:41:22 Establishing VPN session...
9:41:23 The AnyConnect Downloader is performing update checks...
9:41:23 Checking for profile updates...
9:41:23 Checking for product updates...
9:41:23 Checking for customization updates...
9:41:23 Performing any required updates...
9:41:23 The AnyConnect Downloader updates have been completed.
9:41:23 Establishing VPN session...
9:41:23 Establishing VPN - Initiating connection...
9:41:23 Establishing VPN - Examining system...
9:41:23 Establishing VPN - Activating VPN adapter...
9:41:23 Establishing VPN - Configuring system...
9:41:25 Establishing VPN...
9:41:25 Connected to ANYCONNECT
9:44:22 Reconnecting to ANYCONNECT
9:44:23 Establishing VPN - Examining system...
9:44:26 Establishing VPN - Activating VPN adapter...
9:44:27 Establishing VPN - Configuring system...
9:44:29 Establishing VPN...
9:44:29 Connected to ANYCONNECT.
04-09-2020 12:18 PM
After running into this error and finding that the change to IPv6 for Link-Local didn't work I found another bug that actually helped me find the root cause of the issue. Recent changes to the firewall routing tables apparently included an RFC1918 route for 192.168.1.0/24 and since my home network was on this range the VPN wouldn't allow me to connect because it couldn't figure out how to make a route that didn't overlap.
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvq32554
My temporary solution was to create a new subnet for a "guest" network that used a different IP range that didn't overlap with one that the VPN concentrator cared about and this allowed me to successfully connect. I also contacted the network/firewall team about why they'd EVER use one of the most common consumer router IP subnets as a route inside the enterprise.
04-23-2020 08:49 AM
I've been getting this error intermittently as well on Mac OS X 10.15.4 using AnyConnect 4.8.02042. In my setup, I have a dock that provides Internet connectivity over USB-C and I'm also connected to a wireless network. Rebooting my computer usually fixes the issue, but I've also found that disabling WiFi makes the issues go away without requiring a reboot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide