I have encountered a strange situation with Yosemite and Cisco AnyConnect Secure Mobility Client (all recent versions including latest 3.1.05187).
If the Mac is using the internet connection of the iPhone (via Bluetooth or WiFi), when I connect with the client everything stops working, from the Internet to the traffic over the tunnel. We are using Split Tunnel with Split DNS for our internal addresses. Somehow the DNS is not working anymore.
I can ping via IP but not by name, and I also cannot ping any address on the internet unless I manually add the default route again.
Has anybody encountered this problem?
I can say that I also have exactly these symptoms.
I have 3.1.05187. Just upgraded to Yosemite. Split tunnel/DNS and all was fine last week on Mountain Lion.
DNS does not work when VPN is connected using USB/Bluetooth Hotspot (i.e. tethered). Regular WiFi is fine.
Exactly the same for me. Have tried every older version of AnyConnect I can find, multiple different ASAs, 2 different iPads, 3 different iPhones, reloaded O/S from scratch, and 3 different MacBook Pros. Issue ONLY occurs when using connection to an iOS device for access when Mac is running Yosemite.
Has anyone had any luck with this issue or are we resigned to open a TAC case and then wait on a new version of AnyConnect to be released?
I am having the same issue with employees in my company. Anyone have an idea if this can be fixed with the AnyConnect client, or must Apple fix it?
We have the same issue here too. With an iPhone hotspot and AnyConnect connected, the etc/resolv.conf can't be found, so basically no network activity. Disconnect AnyConnect while still using the iPhone as a hotspot and internet works. Connect to a different wireless and connect AnyConnect and it works.
Is this a Cisco or Apple issue?
I don't believe so. We still have the problem, even after the new iPhone and Yosemite updates. We have been trying all sorts. If anyone knows a workaround, that would be helpful.
The resolv.conf file gets deleted once the VPN is connected. We have tried replacing it, but it still won't work.
It returns, once we quit the VPN or connect to a non iPhone hotspot or avulse wireless network
I did this...
Connect with AnyConnect. The connection is successful but DNS is not working. This is because the file /var/run/resolv.conf is missing.
Start vi and edit the file manually:
sudo vi /var/run/resolv.conf
Add your DNS information like this
Save the file. After this, my DNS/VPN stuff is working.
Maybe you can set a 'static DNS server' using the Mac OS network config UI AFTER connecting with AnyConnect. I never tried it.
Once you have created the file with your own domain and DNS setting, do you need to do anything, like reload it?
The file is being created, but it still won't work. Cheers for your help though.
No, it was working after I edited / created the file. You can test it with:
dig -t mx google.com @18.104.22.168
Use your internal DNS server instead of 22.214.171.124.
We have disabled IPv6 on the WiFi with "sudo networksetup -setv6off Wi-Fi", and after connecting to AnyConnect traffic stops. So this is not a viable solution.
When disabling IPv6 with "networksetup -setv6off Wi-Fi" with iOS 8.2 and OS X 10.10.2, DNS seems to work globally (using iPhone DNS resolution) but not with the AnyConnect-provided internal DNS server. However, name resolution is still broken for all (internal/external) names.
Have this problem as well, and depending on workstation network configuration it either fails to connect (due to IPv6 forwarding table rewrites failing according to the debug log) or connects with the issues mentioned in this thread: no DNS, empty resolv.conf.
Would love to see a resolution to this, but suspect it'll come from the Apple side given that everything was "fine" in Mavericks.