SA520 ssl Vpn Mac OS x

Unanswered Question
Jan 10th, 2010
User Badges:


I have a SA520 running ssl vpn.

When Mac OS X clients connect to the SA520 the client downloads the prompts for a password to complete the installation.

I enter the password of the use ( The user has admin rights). I then get an error "needed permissions could not be set for some files"

Any ideas.

Also why doest the standard IPSEC client work with these boxes?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Alejandro Gallego Sun, 01/10/2010 - 19:12
User Badges:
  • Cisco Employee,

Yes we are aware of the problem with the SSL client install on the Macs. The problem seems to be related with the new OS 10.6 and I beleive 10.5 also has this problem. I wish I knew of a resolution or when one will be out but....

The built in IPSec client is for Cisco enterprise routers. They use other parameters such as "groups" which are not option on smal business equipment. I wrote a document that explains how to use a third party open source utility called IPSecuritas to connect to various routers. The SA is not mentioned but the document is still valid. I will try to update it this week as I have found some areas that could be clearer.

Take a look and let us know if you still need assistance.

Here is the link to the document.

Edit: added link to document.

Alejandro Gallego Tue, 01/12/2010 - 06:34
User Badges:
  • Cisco Employee,

Enabling "Root" does not allow the the application to install. Even though the error points to root and not having access the installation fails even with proper settings for root. If you have had success with this, please let us know how you were able to make it work. I have tried and tried and have yet to find a way around this.

Steven Smith Tue, 01/12/2010 - 16:00
User Badges:
  • Gold, 750 points or more

I made this work by enabling the root user and logging in as the root user, installing the SSLVPN client.  After that, you should be able to run it from other users.

lloyd.ropchan Thu, 02/10/2011 - 12:08
User Badges:

While this kludge may "make it work" and usable by administrators, it is not really an dend user fix. So, will there be a fix that does not require enabling the root account? And, when?

nmanglik Wed, 02/23/2011 - 21:12
User Badges:

Hi Llyod,

This needs to be done once for each MAC. Root user should add this line in the /etc/sudoers file

"test  ALL=NOPASSWD: /usr/sbin/chown,/bin/chmod,/bin/rm"

Where "test" is the admin username. For every admin user we have to add the corresponding line.




This Discussion