I was having so much trouble with AnyConnect 2.5.x.
- Sometime after it connect, nothing received out (you can still see package sends out). Basically you lost connection.
- The split traffic doesn’t work. I would like to be able to access my LAN while I’m on VPN. I couldn’t figure out how it works.
- It replace my /etc/hosts file silently. You can work around it by editing /etc/hosts.ac. Sometime if I forget, my hosts file will be lost.
- It doesn’t save the username and password. Have to retype them every time.
- New version 3.x doesn’t solve the problem….
So I decided to switch to OpenConnect, which is an open source client for Cisco AnyConnect SSL VPN. (http://www.infradead.org/openconnect/). Under OSX, it can be easily installed through MacPorts (http://www.macports.org/).
- Install MacPort (http://www.macports.org/install.php)
- Install OpenConnect
sudo port install openconnect
- Connect with OpenConnect
sudo openconnect -u USERNAME https://YOUR_VPN_SERVER
- At the time of writing this blog, the version of openconnect on MacPorts is 3.18 and the latest version is 4.07. To use the latest version, I just replaced the Portfile in my ports repo. I also submitted the new version to MacPorts. Hopefully by the time you install it, it will be the latest version. If not, you can always download my Portfile from here (https://raw.github.com/xcompass/macports/master/net/openconnect/Portfile). Then copy the file to
Or create a local repo as described here: http://guide.macports.org/#development.local-repositories
- To split the traffic, use this script: http://lists.infradead.org/pipermail/openconnect-devel/2012-June/000606.html. Replace the ROUTES at the top and path to vpnc-script at the bottom (should be /opt/local/etc/vpnc/vpnc-script for vpnc installed through MacPorts)