I'm having an issue with the Mac version of the VPN AnyConnect Client.
The client I'm using is version 2.4.1012, and my Mac OS X version is 10.6.4.
The issue is that after connecting to the VPN server, everything will work fine for 5 minutes or so, then the connection is lost for about 2 minutes, eventually reconnects, stays connected for about 5 minutes, over and over again.
When the connection is lost, this shows up in the Mac console:
7/21/10 10:16:05 AM vpnagent Initiating rekey for SSL connection.
7/21/10 10:16:05 AM vpnagent Initiating a reconnect for rekey with a new SSL connection.
I had the exact same problem. I had to upgrade the client to the new version, which is 2.5.0217. This one worked and no more disconnects. But now I cannot get outside to the internet. Windows PCs work fine, but I cannot get the MacBook to bring in a web site. Trying to figure out the issue, unless you have seen this. Let me know.
Are Windows clients able to connect to the same connection profile without issue? The default rekey lifetime is 30 minutes, so if you are seeing it happen every 5 minutes, you may want to double check the "svc rekey time" configuration under the respective group policy. I did run into a similar issue with another customer which wound up being related to DNS. In that case, the CN and subject names of the certificate were configured to use an FQDN which was only resolvable via public DNS servers. AnyConnect, however, was configured to send all DNS requests over the SSL tunnel. The resolution requests were being sent to a DNS server that could not resolve, so the rekey process hung. Once the active tunnel was torn down, the FQDN in the certification could now be resolved by the DNS server on the physical interface, allowing the new connection to establish. Configuring Split DNS resolved the issue for this particular customer. You may look into your configuration to see if this applies.
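Added example, not part of the original thread or any Cisco tooling: a small Python check that reads vpnagent console lines in the format quoted above and flags rekeys that start sooner than the 30-minute default mentioned in the reply. The sample log is constructed; only the message text and timestamp format are taken from the thread, and the 30-second tolerance is an assumption.

```python
import re
from datetime import datetime, timedelta

DEFAULT_REKEY = timedelta(minutes=30)  # default rekey lifetime stated in the reply

# Timestamp, then the "vpnagent" process name, then the message.
# \s* tolerates console exports where the columns were run together.
LINE_RE = re.compile(
    r"^(\d{1,2}/\d{1,2}/\d{2} \d{1,2}:\d{2}:\d{2} [AP]M)\s*vpnagent\s*(.*)$"
)
REKEY_MSG = "Initiating rekey for SSL connection."


def rekey_times(lines):
    """Return the timestamps of every vpnagent rekey-start message."""
    times = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group(2).strip() == REKEY_MSG:
            times.append(datetime.strptime(m.group(1), "%m/%d/%y %I:%M:%S %p"))
    return times


def early_rekeys(lines, expected=DEFAULT_REKEY, tolerance=timedelta(seconds=30)):
    """Return (previous, current, gap) for each rekey that came too soon."""
    times = sorted(rekey_times(lines))
    flagged = []
    for prev, cur in zip(times, times[1:]):
        gap = cur - prev
        if gap < expected - tolerance:
            flagged.append((prev, cur, gap))
    return flagged


# Constructed sample in the console format shown in the question.
SAMPLE_LOG = """\
7/21/10 10:16:05 AM vpnagent Initiating rekey for SSL connection.
7/21/10 10:16:05 AM vpnagent Initiating a reconnect for rekey with a new SSL connection.
7/21/10 10:23:11 AM vpnagent Initiating rekey for SSL connection.
7/21/10 10:23:11 AM vpnagent Initiating a reconnect for rekey with a new SSL connection.
7/21/10 10:53:20 AMvpnagentInitiating rekey for SSL connection.
""".splitlines()

if __name__ == "__main__":
    for prev, cur, gap in early_rekeys(SAMPLE_LOG):
        print(f"rekey at {cur} came {gap} after the previous one at {prev}")
```

A short gap between rekeys points at the "svc rekey time" value in the group policy, while a normal gap followed by a long outage matches the hung-rekey DNS case described in the reply.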