Just to be clear, you're running AnyConnect 3.1.05187 on Yosemite? I know you said you were at the latest version, but I want to be clear. I use this combination constantly in the field and was having the same symptoms prior to 3.1.05182.
Yep - I can confirm that the behaviour seems to be exactly the same with 4.0.00048. I have no /etc/resolv.conf when tethered over VPN, and thus cannot resolve any DNS.
I've had the exact same issue with 3.1.05187. Tethered via an iPhone (USB, Wifi, Bluetooth) all result in /etc/resolv.conf vanishing as soon as AnyConnect gets online.
Sorry, but this does not solve it for us because this is the exact configuration we already have. This is clearly an incompatibility with Anyconnect and Yosemite. The ONLY success I have had is with a pocket router in between my iPhone Hotspot and my laptop running Yosemite. It is an ugly hack, but at least I am portable(ish) again.
David - are you still using the pocket router ? How is the pocket router connected to your phone ? How is the pocket router connected to your Mac ?
Hello Scott, I am still using the pocket router but I have not tried 8.2. I connect to the USB powered pocket router via WiFi and the Pocket Router connects to my iPhone via WiFi too. This has worked for me when I am desperate.
-I have same problem. El Capitan ! and Iphone iOS 10.1.1and beta
---Solution is go to Anyconnect Group Policy, go to advanced> split tunnelling
--for DN names--uncheck -->inherit and manually add LAN DNS domain name
--for send All DNS lookups through tunnel "uncheck" inherit and manually select "no".
It solved problem.
but i still cannot access and docker container images.
---Even if you using anyconnect directly and have docker images, i cannot access docker container, but if i disconenct anyconnect, i can see docker images, any idea?
Unfortunately, I can say that after the iOS 8.2 update it is STILL not working for me. Just to be clear, I AM running Yosemite with all the latest updates. I am running Cisco VPN Client version 3.1.05187. I am also using split tunneling which I understand is part of the issue, but I cannot live without it. If I connect to the iPhone and do NOT run the Cisco VPN Client version 3.1.05187, I can connect to the internet and ping google (for example). As soon as I connect to the VPN, my /etc/resolv.conf file disappears. It is incredible that after all this time, nobody can solve this.
I've been having this problem too. I'm not sure this would work for every circumstance but I found a solution for my particular case.
Mac OS X Sierra using an iPhone 6s for tethering. Anyconnect 4.3.02, ASA 5506-X 9.6(3)
This article is very helpful in explaining some of the complexity.
I only wanted DNS to be public, but apparently there is a bug (described above) that doesn't allow that. So you have to send a public DNS server to your client. If you don't do this you will find your /etc/resolv.conf empty when the VPN is connected. If you do set a public DNS server like 126.96.36.199 it will automatically include the secure route to your client so you can tunnel it. There is an option to split tunnel and not send traffic for 188.8.131.52 through the tunnel but that apparently doesn't work on these versions of code apple/cisco. So I allowed the DNS traffic through the tunnel but in my case initially was dropping it due to misconfigured NAT rules. Once that was fixed I am able to resolve DNS names using a public DNS server although the tunnel. If you had DNS at your site you could put your private DNS server in place of 184.108.40.206 and enable recursion I suppose. Hope this helps someone.