You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: gavinfromdurham
gavinfromdurham Author
User level: Level 1
0 points

Yosemite, iPhone Hotspot and Cisco AnyConnect

We seem to have an issue with Cisco Anyconnect, Yosemite and iPhone hotspots, only when you add them all together.


Using the iPhone as a hotspot, works fine. As soon as you connect the VPN, using Cisco Anyconnect Mobility Client, all network traffic stops, you cant ping anything, local or on the web.


Now, if we connect to a android phone as a hotspot, or a different wireless network, and use Cisco Anyconnect, it works fine, no issues.


This has only started to happen when we updated to Yosemite. When we use the iPhone as a hotspot and have VPN connected etc/resolv.conf cant be found. Disconnect the VPN, or use an android phone, any other network connection and it can be found!


The iPhone is up to date, Yosemite is up todate and so is the Cisco client.


Any ideas?

Posted on Nov 12, 2014 1:47 AM

Reply
13 replies
User profile for user: quadrinary
quadrinary
User level: Level 1
0 points

Jan 12, 2015 12:35 PM in response to gavinfromdurham

All - I have a solution for this problem.


In your AnyConnect Group Policy, go to Advanced > Split Tunneling


for "DNS Names" uncheck "inherit" and manually define your LAN's internal DNS domain name.


for "Send All DNS Lookups Through Tunnel" uncheck "inherit" and manually select "no".


For reasons I've not yet figured out, Yosemite does not like tunneling all DNS lookups through the tunnel.


If this is a sticking point for your environment, you may need to define a separate Group Policy for your OS X users until Cisco/Apple figure out their bug.


Good luck!


-Tim

Reply
User profile for user: gavinfromdurham
gavinfromdurham Author
User level: Level 1
0 points

Apr 15, 2015 8:02 AM in response to andyh_1983

Not from me. A possible Cisco ASA update may resolve the problem, but thats very expensive and time consuming.


I think its all down to apple maybe forcing the iPhone to use ipv6. On the Cisco ASA, (depending on the version your network has) It will just drop any ipv6 traffic. Unless you specify it to allow it through.


I haven't tested this, but on the Cisco forums, people are saying its worked for them.


We are looking at alternative VPNs.

Reply

Yosemite, iPhone Hotspot and Cisco AnyConnect

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up