Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

SA520 ssl Vpn Mac OS x


I have a SA520 running ssl vpn.

When Mac OS X clients connect to the SA520 the client downloads the prompts for a password to complete the installation.

I enter the password of the use ( The user has admin rights). I then get an error "needed permissions could not be set for some files"

Any ideas.

Also why doest the standard IPSEC client work with these boxes?


Cisco Employee

Re: SA520 ssl Vpn Mac OS x

Yes we are aware of the problem with the SSL client install on the Macs. The problem seems to be related with the new OS 10.6 and I beleive 10.5 also has this problem. I wish I knew of a resolution or when one will be out but....

The built in IPSec client is for Cisco enterprise routers. They use other parameters such as "groups" which are not option on smal business equipment. I wrote a document that explains how to use a third party open source utility called IPSecuritas to connect to various routers. The SA is not mentioned but the document is still valid. I will try to update it this week as I have found some areas that could be clearer.

Take a look and let us know if you still need assistance.

Here is the link to the document.

Edit: added link to document.

Re: SA520 ssl Vpn Mac OS x

The problem with the newer clients is that MAC 10.6 has the root user disabled by default.

Let me know if that works for you.

Cisco Employee

Re: SA520 ssl Vpn Mac OS x

Enabling "Root" does not allow the the application to install. Even though the error points to root and not having access the installation fails even with proper settings for root. If you have had success with this, please let us know how you were able to make it work. I have tried and tried and have yet to find a way around this.

Re: SA520 ssl Vpn Mac OS x

I made this work by enabling the root user and logging in as the root user, installing the SSLVPN client.  After that, you should be able to run it from other users.

Community Member

Re: SA520 ssl Vpn Mac OS x

While this kludge may "make it work" and usable by administrators, it is not really an dend user fix. So, will there be a fix that does not require enabling the root account? And, when?

Community Member

Re: SA520 ssl Vpn Mac OS x

Hi Llyod,

This needs to be done once for each MAC. Root user should add this line in the /etc/sudoers file

"test  ALL=NOPASSWD: /usr/sbin/chown,/bin/chmod,/bin/rm"

Where "test" is the admin username. For every admin user we have to add the corresponding line.



CreatePlease to create content