IPSEC or AnyConnect for MAC OSX. How to display network parameters from client

Answered Question
Feb 17th, 2010

With Windows using either AnyConnect or the Cisco IPSEC client on ASA, I can type IPCONFIG /ALL and see the associated network parameters - IP addresses, DNS, domain search order, etc under the Cisco VPN adapter. This is very helpful when troubleshooting connectivity issues.

I cannot find similar commands (GUI or Command Line) for MAC OSX. Networksetup doesn't seem to see any VPN adapter at all.

Can anyone with better MAC knowledge than I provide some assistance? Thanks.

Correct Answer by Brandon Svec about 7 years 3 days ago

I use both OS X built in Cisco IPSEC and AnyConnect. I can't speak to

Cisco's IPSEC client.

So with AnyConnect running I can click on AC menu icon and see some stats

like IP address, etc.

ifconfig returns:

utun0: flags=8091 mtu 1406

inet 10.10.10.91 --> 10.10.10.91 netmask 0xffffff00

With AnyConnect down and built in IPSEC up I can see ip address and also dns

servers in use via network pref gui and if config returns:

utun0: flags=8011 mtu 1280

inet 10.10.10.91 --> 10.10.10.91 netmask 0xffffff00

You should try to get away from old Cisco IPSEC client if you can.

Are you using an ASA? On an ASA5510 with 8.2 software it is only $100 for a

250 user basic AnyConnect client license.

Brandon

On Wed, Feb 17, 2010 at 12:20 PM, kbyrd

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Brandon Svec Wed, 02/17/2010 - 11:37

ifconfig is the equivilant command.

try man ifconfig for detailed info.

via GUI system prefs > network should give plenty of info too.

HTH,

Brandon

kbyrd Wed, 02/17/2010 - 11:48

Thanks for your response, Brandon. There's no detail - no IP address, DNS, domain search, etc.

cscotun0: flags=8850 mtu 1500
    closed

as opposed to my wireless NIC, for example:

en1: flags=8863 mtu 1356
    inet6 fe80::226:8ff:fee5:aec8%en1 prefixlen 64 scopeid 0x6
    inet 10.1.180.70 netmask 0xfffffc00 broadcast 10.1.183.255
    ether 00:26:08:e5:ae:c8
    media: autoselect status: active
    supported media: autoselect

Also, cat /etc/resolv.conf shows only the DNS servers from DHCP, not from VPN:
nameserver 199.5.86.29
nameserver 10.32.23.29
nameserver 199.5.86.10

Any other ideas?

Brandon Svec Wed, 02/17/2010 - 11:54

Are you using IPSEC or AnyConnect? If IPSEC are you using OS X built in

Cisco VPN client?

Brandon

On Wed, Feb 17, 2010 at 11:48 AM, kbyrd

kbyrd Wed, 02/17/2010 - 12:20

Brandon, I am using Cisco's IPSEC MAC client v 4.9.01.0180. I am also using anyconnect-macosx-i386-2.4.0202-k9.pkg.

I need to be able to support both IPSEC and AnyConnect.

Thanks again.

Correct Answer
Brandon Svec Wed, 02/17/2010 - 12:32

I use both OS X built in Cisco IPSEC and AnyConnect. I can't speak to

Cisco's IPSEC client.

So with AnyConnect running I can click on AC menu icon and see some stats

like IP address, etc.

ifconfig returns:

utun0: flags=8091 mtu 1406

inet 10.10.10.91 --> 10.10.10.91 netmask 0xffffff00

With AnyConnect down and built in IPSEC up I can see ip address and also dns

servers in use via network pref gui and if config returns:

utun0: flags=8011 mtu 1280

inet 10.10.10.91 --> 10.10.10.91 netmask 0xffffff00

You should try to get away from old Cisco IPSEC client if you can.

Are you using an ASA? On an ASA5510 with 8.2 software it is only $100 for a

250 user basic AnyConnect client license.

Brandon

On Wed, Feb 17, 2010 at 12:20 PM, kbyrd

Actions

This Discussion