Sunday, April 26, 2020

Anyconnect Issue from Mac

*To begin with, for the VMware stuff I am talking about, I do not use hostnames for the browser connections, and connect with the actual IP (i.e. https://192.168.1.36/ui).*

I read Reddit all the time for help with issues, but I rarely post. I'm at a stopping point now, though. I really need help, and Google/Reddit/everything else isn't doing anything.

A couple of years ago I migrated our corporate environment from an ASA 5510 to a Cisco Firepower 2110 with FMC. We've always used Anyconnect as the client, obviously. I run a couple of Macs (and am the only user in the company who does; the rest of my IT team use Windows), and Anyconnect has run flawlessly for years. Yesterday, in the middle of a VMware migration (we set up a new VMware cluster and installation, and I was migrating all the VMs from the old hosts to the new), I plugged my MacBook into my wired connection and my connection through the VPN went screwy. All of a sudden I could not access my iLO screens, the VMware host screens or any other intranet site at work (FMC, Cisco Wireless Controller, SharePoint, our time and attendance, etc.). Regular internet traffic was still working. Obviously, I checked the status of the Anyconnect client (it had reconnected).

I began really testing this. As stated above, I connect with IP addresses, not hostnames, for VMware, so I assumed this was not a DNS issue, but I still tested that. I can ping everything, via IP address or hostname. It all works. I can RDP across Anyconnect (which is how I finished the migration, by the way), and I can telnet and SSH to all devices, including my VMware ESX systems. I can browse to an intranet address on a port other than 80 or 443 through a web browser (i.e. the vSphere Server Appliance configuration page is at https://xxx.xxx.xxx.xxx:5480 and that works flawlessly).

So, everything works except ports 80 and 443 from ANY WEB BROWSER. I tried Safari, Edge Chromium, Google Chrome and Firefox; I even installed Tor, and that didn't work.

If I do a port scan on one of my devices, 80 and 443 show as open.

If I run my Windows 10 VM on Parallels and connect through the Anyconnect VPN, it works fine. My other Mac works fine; this is clearly a problem with my primary Mac only.
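A layer-by-layer check for exactly this symptom, added here as an example and not part of the original post: a port scan only proves the TCP connect, so the probe below separates TCP connect, TLS handshake and HTTP reply and reports the first layer that fails. The local listener in `self_test()` is a constructed stand-in for an intranet web UI; against the real environment you would call `probe("192.168.1.36", 443, use_tls=True)`.

```python
"""Layer-by-layer probe: a scan shows 80/443 open and SSH works, yet browsers
fail on those ports.  Reports the first layer that breaks: TCP, TLS or HTTP."""
import http.server, socket, ssl, threading

def probe(host, port, use_tls=False, timeout=5.0):
    """Return {'tcp': ..., 'tls': ..., 'http': ...}, stopping at the first failure."""
    result = {}
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
        result["tcp"] = "ok"
    except OSError as exc:
        result["tcp"] = f"fail: {exc}"
        return result
    stage = "tls" if use_tls else "http"
    try:
        if use_tls:
            # Self-signed intranet certs give a browser warning, not a silent
            # failure, so do not let verification mask the real problem.
            ctx = ssl.create_default_context()
            ctx.check_hostname, ctx.verify_mode = False, ssl.CERT_NONE
            sock = ctx.wrap_socket(sock, server_hostname=host)
            result["tls"], stage = "ok", "http"
        sock.sendall(f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode())
        status = sock.recv(256).split(b"\r\n", 1)[0].decode(errors="replace")
        result["http"] = "ok" if status.startswith("HTTP/") else f"fail: {status!r}"
    except OSError as exc:  # ssl.SSLError is an OSError subclass
        result[stage] = f"fail: {exc}"
    finally:
        sock.close()
    return result

class _Handler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for an intranet web UI, used only by self_test()."""
    def do_HEAD(self):
        self.send_response(200)
        self.end_headers()
    def log_message(self, *args):  # silence request logging
        pass

def self_test():
    """Probe a local listener and a closed local port; returns (good, bad)."""
    srv = http.server.HTTPServer(("127.0.0.1", 0), _Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    spare = socket.socket(); spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]; spare.close()
    try:
        return probe("127.0.0.1", srv.server_address[1]), probe("127.0.0.1", closed_port, timeout=1.0)
    finally:
        srv.shutdown(); srv.server_close()
```

If the result for a real host shows `tcp: ok` but `http: fail` while curl from the Windows VM succeeds, the break is above the transport layer on that one Mac, which narrows the search to client-side proxy, filtering or TLS settings rather than routing.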

Things I have done:

A) Created a new location in Network Preferences

B) Checked the routing tables (though, since everything else works, why would this not be right?)

C) Deleted and re-added Wi-Fi

D) Deleted NetworkInterfaces.plist, com.apple.wifi.message-tracer.plist, com.apple.airport.preference.plist and preferences.plist

E) Uninstalled and reinstalled Anyconnect. Also removed the Anyconnect configuration files and profile files. I have tried various versions of this step over and over.

F) Rebooted a million times

G) Googled. A lot.

Again, the action that caused this was simply plugging an Ethernet cable in while I was connected to the VPN over Wi-Fi.

Any suggestions?

My good friend and fellow network admin/manager suggested I wipe and start over with the Mac. Well, with the whole work-from-home thing, my Time Machine backups are not current. Also, WHY is that always a solution? I have thought about calling Cisco and/or Apple, but I have a feeling they will point at each other and not help, although my inclination is to call Cisco first if it comes to that.
