I have a ASA 5550 setup with the AnyConnect Essentials License and it works. Behind the VPN we have a CA server running 4.1.8 using SSO. The VPN aspect of this works but I've run into a issue with OSX and the CA Agent. Windows and the CA Agent SSO works. When you connect to the VPN via AnyConnect on a MAC (OSX 10.5.8) it connects but when the CA Agent starts communicating with the CAS you are disconnected.
I've looked the traffic between the ASA and CAS, the Radius traffic looks good. Is this a bug?
MAC CA Agent: 4.5.0 (it is supported per docs).
- Look in your appropriate user directory for the CCAAgent dir (in my case it was: /Users/tprender/Library/Application Support/Cisco Systems/CCAAgent)
- Create a preference.plist file if it doesn't already exist -- if it does exist , just add the key/value strings for "VlanDetectInterval" below
- To create the file, do "vi preference.plist" and enter this data:
<?xml version="1.0" encoding="UTF-8"?> http://www.apple.com/DTDs/ PropertyList-1.0.dtd">
- Save this file (in vi, :wq and ) and restart the Cisco NAC Agent (right click the icon and exit, then relaunch from your Applications menu)
The VlanDetectInterval must be set to 0 (default is 5) as Macintoshes do stupid things with the vpn interface.
I hope this helps. Please rate if you find this a valid solution.