Cisco Cisco AnyConnect Secure Mobility Client v4.x Release Notes
Problems Due to Modified sysctl Network Settings
We have seen instances where Apple's Broadband Tuner application (from 2005) was used with Mac OS X
10.9, That application changes the network settings in sysctl.conf, which can cause connection problems. That
application was designed for much older versions of the Mac OS. We suspect that the current default OS
settings take broadband networks into consideration, so most users will not need to take any action.
10.9, That application changes the network settings in sysctl.conf, which can cause connection problems. That
application was designed for much older versions of the Mac OS. We suspect that the current default OS
settings take broadband networks into consideration, so most users will not need to take any action.
Running AnyConnect 3.1.04074 along with the modified sysctl settings may generate the following message:
The VPN client driver encountered an error..please restart
To Verify
To verify that the sysctl network setting is the cause of the problem, open a Terminal window and type:
sysctl -a | grep maxsockbuf
If the results contain a value much lower than the default value of 8388608, for example:
kern.ipc.maxsockbuf: 512000
Then this value may have been overritten in /etc/sysctl.conf by Apple's Broadband Tuner application
To Fix
Edit /etc/sysctl.conf, comment out the line that sets kern.ipc.maxsockbuf, and reboot the computer.
OR
If you have no other Customization other than the one set by the Broadband Tuner application, rename or
delete sysctl.conf.
delete sysctl.conf.
Apple is aware of this problem, and has opened Bug ID: 15542576.
WebLaunch Issues With Safari
There is an issue with Weblaunch with Safari. The default security settings in the version of Safari that comes
with OS X 10.9 (Mavericks) prevents AnyConnect Weblaunch from working. To configure Safari to allow
Weblaunch, edit the URL of the ASA to Unsafe Mode, as described below.
with OS X 10.9 (Mavericks) prevents AnyConnect Weblaunch from working. To configure Safari to allow
Weblaunch, edit the URL of the ASA to Unsafe Mode, as described below.
1
Open Safari > Preferences > Security > Manage Website Settings.
2
Click on the ASA and select run in Unsafe Mode.
Active X Upgrade Can Disable Weblaunch
Automatic upgrades of AnyConnect software via WebLaunch will work with limited user accounts as long
as there are no changes required for the ActiveX control.
as there are no changes required for the ActiveX control.
Occasionally, the control will change due to either a security fix or the addition of new functionality.
Should the control require an upgrade when invoked from a limited user account, the administrator must
deploy the control using the AnyConnect pre-installer, SMS, GPO or other administrative deployment
methodology.
deploy the control using the AnyConnect pre-installer, SMS, GPO or other administrative deployment
methodology.
Release Notes for Cisco AnyConnect Secure Mobility Client, Release 4.3
19
Release Notes for AnyConnect Secure Mobility Client, Release 4.3
Problems Due to Modified sysctl Network Settings