Issues connecting to sites behind VPN (Cisco IPSec)

Well, I do know that there is no support for Smart Cards, and IPv6 seems broken totally new.

I hope none of our US Armed Forces members (or other government employees) upgraded to Lion as their tokens won't work anymore. Oops.

after upgrading to 10.7 my RSA SecurID app (virtual code for VPN) is not starting. it gives me a message "Error loading the application. Contact your administrator." this all worked well (and my VPN still loads) may be a related issue.

Same problem here. Started getting "Error 51" when I upgraded my hard drive and used to be able to use "sudo kextload /System/Library/Extensions/CiscoVPN.kext" in a terminal window to make the error go away. With Lion, that no longer works and I get:

/System/Library/Extensions/CiscoVPN.kext failed to load - (libkern/kext) requested architecture/executable not found; check the system/kernel logs for errors or try kextutil(8).

Not sure what that means or how I'm going to work in the morning!

Same issue here after OS X Lion upgrade. Tried the reboots, run the scripts (same error as above) and re-install of the VPN client. no dice - I get error 51 still.

I'm reading similar posts pointing to 64 vs 32 bit issue on the client, any way to manually over ride this once on Lion?

There is a known issue with Cisco VPN on Mac with Lion.

Please refer to this site for a list of all applications current compatible (and not compatible) with Lion 10.7:

http://roaringapps.com/

Most major apps are now compatible, but VPN clients (Cisco and LMI Hamachi) are notable exceptions.

As with any new OS release, this is bound to happen. Those with software of this type, or industry-specific software (such as accounting, legal, etc.) should always wait a while before updating to the new OS to ensure their apps continue to work properly.

Cheers

If there is I can't find it. Your best bet might be to go into your network preferences and setup a new network connection for VPN / Cisco IPSec. If you use a "shared secret" when your connecting you might be golden. I use a certificate that has to be importeted into the KeyChain app and I can't get KeyChain to accept whatever format my certificate is in. I have an email out to my IT guys asking for .p12 formated certificate.

yep same issue here. I have been using the same Cisco client for 2 years without a problem, but it wouldnt work after the Lion upgrade last night.

I also noticed my iPad won't connect since iOS 4.3.4 upgrade earlier.... at that point i assumed it was an issue with the iPad, something needed to be reset on the sevrer or similar.... because my Snow Leopard Mac was fine, but since going to Lion I see the "Error 51: Unable to Communicate with VPN subsystem".

If i try the OS X VPN network connection i get "Authentication Failed"

i know of 1 co worker with the same issue.

This is due to Lion booting into a 64 bit kernel verses older releases starting in 32 bit mode. There is no patch but a simple workaround involves booting into 32 mode and running the VPN client normally. This method will work on 10.7 until Cisco actually creates a 64 bit extension for mac os x. Details for booting into 32 bit mode are here: http://9to5mac.com/2011/03/20/new-macbook-pros-default-boot-in-64-bit-mode/

Cheers, -mjh

yep, just tried it and i get the VPN client to run. I would never have thought of this, great work MJH.

This solution will help me until Cisco get that 64 bit client out.

Thanks.

As suspected - that fixed it. Thanks MJhaber.

rebooted in 32 bit mode and works like a charm...work can resume....

Awesome. I was able to install the cisco client in parallels and vpn in that way, but only parallels was on the vpn, not the rest of my mac. Booting in 32-bit mode seems nicer to me. Thanks a million!

i am having the same issue, but luckily my corporation's VPN server also supports SSL based VPN, so i changed my VPN software from "vpnclient-darwin-4.9.01.0180-universal-k9" to "anyconnect-macosx-i386-2.4.1012-k9"

and everything is fine now

We should expect that Apple solves the problem in the OS-internal VPN client. According to my company's IT folks Apples VPN cisco client tries to run ipsec over TCP instead of UDP and this seems to be the problem with the internal client. This does not sound so complicated to get fixed. How can we write a "bug report" on Lion, I didn't find that possiblity. My enterprise uses a Cisco 3005 VPN concentrator with latest software update.