Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1476
Views
0
Helpful
3
Replies

Anyconnect Client & Clean Access SSO

Go to solution
draper7
Level 1
Level 1

‎09-23-2009 12:14 PM - edited ‎03-09-2019 10:35 PM

I have a ASA 5550 setup with the AnyConnect Essentials License and it works. Behind the VPN we have a CA server running 4.1.8 using SSO. The VPN aspect of this works but I've run into a issue with OSX and the CA Agent. Windows and the CA Agent SSO works. When you connect to the VPN via AnyConnect on a MAC (OSX 10.5.8) it connects but when the CA Agent starts communicating with the CAS you are disconnected.

I've looked the traffic between the ASA and CAS, the Radius traffic looks good. Is this a bug?

ASA: 8.2(1)

CAS/CAM: 4.1.8

MAC CA Agent: 4.5.0 (it is supported per docs).

Thanks,

-Dusty

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tprendergast
Level 3
Level 3

‎09-24-2009 09:19 AM

Hi Dusty,

Try this:

- Look in your appropriate user directory for the CCAAgent dir (in my case it was: /Users/tprender/Library/Application Support/Cisco Systems/CCAAgent)

- Create a preference.plist file if it doesn't already exist -- if it does exist , just add the key/value strings for "VlanDetectInterval" below

- To create the file, do "vi preference.plist" and enter this data:

http://www.apple.com/DTDs/ PropertyList-1.0.dtd">

AutoPopup

yes

VlanDetectInterval

0

- Save this file (in vi, :wq and ) and restart the Cisco NAC Agent (right click the icon and exit, then relaunch from your Applications menu)

The VlanDetectInterval must be set to 0 (default is 5) as Macintoshes do stupid things with the vpn interface.

I hope this helps. Please rate if you find this a valid solution.

Cheers,

Tim

View solution in original post

0 Helpful
3 Replies 3

Go to solution
tprendergast
Level 3
Level 3

‎09-24-2009 09:19 AM

Hi Dusty,

Try this:

- Look in your appropriate user directory for the CCAAgent dir (in my case it was: /Users/tprender/Library/Application Support/Cisco Systems/CCAAgent)

- Create a preference.plist file if it doesn't already exist -- if it does exist , just add the key/value strings for "VlanDetectInterval" below

- To create the file, do "vi preference.plist" and enter this data:

http://www.apple.com/DTDs/ PropertyList-1.0.dtd">

AutoPopup

yes

VlanDetectInterval

0

- Save this file (in vi, :wq and ) and restart the Cisco NAC Agent (right click the icon and exit, then relaunch from your Applications menu)

The VlanDetectInterval must be set to 0 (default is 5) as Macintoshes do stupid things with the vpn interface.

I hope this helps. Please rate if you find this a valid solution.

Cheers,

Tim

0 Helpful

Go to solution
draper7
Level 1
Level 1
In response to tprendergast

‎09-24-2009 10:14 AM

Hey Tim,

Thanks for the help, it worked! The plist file already existed and had 5 like you said. Once I changed that and restarted CAA it worked. Not sure how we are going to get end users to do this though...

Thanks,

-Dusty

0 Helpful

Go to solution
tprendergast
Level 3
Level 3
In response to draper7

‎09-24-2009 10:26 AM

Hey Dusty,

I published a document to all of my users on a wiki and via email. It is about as good as it gets. :)

Glad it helped!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents