This discussion is archived
53856 Views 54 Replies Latest reply: Feb 17, 2010 9:10 PM by Ashley Aitken
Currently Being ModeratedAug 31, 2009 5:22 PM (in response to tsarna)We have a support contract with Cisco. I spoke with them last night, and they made it clear that they DO NOT SUPPORT Snow Leopard for the (soon to be deprecated) Cisco VPN IPSec client.
That means don't expect fixes, etc.Mac OS X (10.6)
Currently Being ModeratedAug 31, 2009 7:28 PM (in response to ajmorris)No Cisco development being done for a 64bit IPSec client - Mac, Windows, or otherwise. AnyConnect (SSL) is the direction Cisco is going. Better licensing model.MacBook, Mac OS X (10.5.5)
Currently Being ModeratedAug 31, 2009 8:22 PM (in response to Forrest)This is true, but the most recent client (4.9.01.0180) works fine with the 32bit kernel. You just have to re-install after upgrading to 10.6. Anyone with Cisco hardware providing IPSec VPNs has access to CCO and can download the client, so there should be no need to download it from any other sources.MacBook, Mac OS X (10.5.5)
Currently Being ModeratedAug 31, 2009 8:43 PM (in response to tsarna)
Thanks so much, Cisco. By making it difficult to obtain the software legitimately, you force people into obtaining copies from unknown sources that might contain malware.
It's not difficult at all; ask your IT department for a copy. They have the support contracts with Cisco and can login and download the client directly from Cisco.
Encryption regulations are why Cisco can't make the client available for random download.Quad 2.5 GHz G5, 5 GB | 15" 2.6 GHz MBP Penryn, 4 GB | 1 TB Dual-Band TC, Mac OS X (10.6)
Currently Being ModeratedSep 1, 2009 12:50 PM (in response to William Kucharski)Built in Client not working here too
I can connect to the network, get an IP Adress and DNS-Server, but i cannot reach any machine in that network. No ssh, no nslookup…
In my .pcf it says:
Is that the problem?
SvenMBP 2.16 GHz Core 2 Duo, Mac OS X (10.5.1)
Currently Being ModeratedSep 1, 2009 1:12 PM (in response to Sven Koesling)The SL Cisco IPsec client only support straight IPsec not tunneled in UDP or TCP. Tunneling in UDP or TCP is required to support IPsec over any NAT device. Since you are asking for tunneling and NAT it won't work.
Just use the Cisco client. It works fine with SL.Mac Pro/Macbook/Macbook Pro/iMac, Mac OS X (10.6)
Currently Being ModeratedSep 1, 2009 3:19 PM (in response to cipherwar)I just tested the SL Cisco VPN client and connected to the VPN 3000 series concentrator at work and verified that it DOES support the standards-track "NAT Traversal" feature that uses UDP to encapsulate the ESP (IP protocol 50) traffic if either or both endpoints of the VPN connection are behind a NAT device. This is the newer flavor of encapsulation that has replaced the older versions of TCP and UDP encapsulations and is the preferred encapsulation technique.
In case anyone's interested, I used the same VPN group that I use with the Cisco VPN client, so the SL client appears to be reasonably compatible (assuming you don't use Cisco's older versions of TCP and UDP encapsulation). Anyone trying to configure a Cisco device at the head end to support the SL client should just pretend they're setting it up for a Cisco IPSec client, but make sure you specify "NAT-T" instead of the older TCP or UDP versions that default to port 10000 (NAT-T defaults to UDP port 4500).
CCIE #1937MacPro x 2 & MacBook Pro 17", Mac OS X (10.6)
Currently Being ModeratedSep 1, 2009 5:01 PM (in response to gilcelli)I too ran into problems -- I found a beta release of Cisco AnyConnect which supports Snow Leopard.
and the release notes:
Hope this helps!
AndyMacbook, Mac OS X (10.6)
Currently Being ModeratedSep 4, 2009 2:34 PM (in response to gilcelli)I too have lost my Cisco VPN connection ability.
Even after trying to re-install Cisco AnyConnect (4.9.01.0180) I just keep getting the "Failed to initialize VPN API, aborting." message.
Just when I got my company to think they could look at moving more people to Macs. Doh!
I was really hoping that the built in Snow Leopard Cisco VPN support would take care of all this.MacBook Pro (2.33 Core 2, 2GB RAM), Mac OS X (10.6)
Currently Being ModeratedSep 4, 2009 2:50 PM (in response to bughuntr)Bughuntr,
In speaking with Cisco, they mentioned that Snow Leopard support is in a new beta of AnyConnect:
If you have access to their downloads, grab it and it should work for you.
ForrestMac OS X (10.6)
Currently Being ModeratedSep 4, 2009 8:34 PM (in response to Sven Koesling)Hey Sven,
My .pcf configuration file has the same settings are yours:
Mine is from Rice University. Are you from Rice? I'm trying to avoid the Cisco VPN client due to two kernel panics this week that I traced to the Cisco IPsec.kext. I have gotten the default SL VPN client to connect and authenticate but half the time it works and half the time I have the same problem as you (nothing is accessible or pingable). I'm having trouble figuring out what might have gone wrong because everything looks okay aside from my network not responding. Did you get anywhere with this?Macbook 2.4 Ghz, Mac OS X (10.5.6), 4 GB RAM
Currently Being ModeratedSep 6, 2009 6:10 PM (in response to agrobbin)This is the sort of gaff that ruins our attempts to convince our companies that mac is a viable platform, and the sort of "hey user ... it's your problem" behavior I'd expect from Microsoft ... not from Apple.MacBook Pro, Mac OS X (10.5.4)
Currently Being ModeratedSep 7, 2009 6:52 PM (in response to Tom Glover)A re-install of Cisco VPN Client MAC 4.9 reproduced the 051 issue. However installing vpnclient-darwin-4.9.01.0100-universal-k9 yielded a Cisco vpn that works on SL.MacBook Pro, Mac OS X (10.5.4)
Currently Being ModeratedSep 15, 2009 7:36 AM (in response to J-a-x)Hi J-a-x,
sorry for answering so late - I didn't find the time. Till now I have no solution. I'm still using the cisco client.
P.S.: No, I'm not from Rice. Actually I'm living in Switzerland.MBP 2.16 GHz Core 2 Duo, Mac OS X (10.6.1)
Currently Being ModeratedSep 16, 2009 7:41 AM (in response to tsarna)Cisco's web pages are confusing but it shouldn't take you long to find where to download the VPN client. If you're purchased a license, you can download it with your Cisco CCO account. Nobody should have to get a (legitimate) copy from anywhere else.G5, Mac OS X (10.5)