Tunnelblick Cisco Anyconnect

| 30-04-2021
[RAND-1-100] Comments



Highlighted Articles
News
Installing Tunnelblick
Uninstalling Tunnelblick
Setting up Configurations
Using Tunnelblick
Getting VPN Service
Common Problems
Configuring OpenVPN
Release Notes
Thanks
FAQ

Discussion Group
Read Before You Post

PLEASE discuss any problems on the Tunnelblick Discussion List.

The following are known problems or limitations in Tunnelblick:

  • The standard script that 'Set nameserver' uses handles DNS for most common setups. For other situations, one of the other settings may work, or you can use custom scripts. See Setting up Configurations for details.

  • When attempting to connect to a VPN using a TAP connection, OpenVPN may display a series of 'write to TUN/TAP : Input/output error (code=5)' error messages. Although a few of these messages are normal, if they continue to be displayed for more than a few seconds, try to connect using 'Set nameserver (alternate 1)'.

  • If 'Set nameserver' is selected, all 'up' and 'down' options in the OpenVPN configuration file will be ignored. To work around this, include appropriate parts of the standard up/down scripts in your own scripts and select 'Do not set nameserver'. (The reason for this is that OpenVPN's 'down-pre' option cannot be used with the standard 'Set nameserver' down script, but may be used by custom scripts, so the two scripts cannot be used together.)

  • High values for the OpenVPN 'verb' option may cause high (99+ %) CPU use by Tunnelblick. Reduce the 'verb' value in the OpenVPN configuration file to 3 or 4 for best performance.

Tunnelblick

Tunnelblick Cisco Anyconnect Login

Cisco

This is the GUI client for OpenConnect VPN, an open-source alternative for Cisco AnyConnect. A VPN client compatible with the Cisco AnyConnect VPN Client (now Cisco AnyConnect Secure Mobility Solution) and an open source replacement for the official Cisco Linux Shimo. Apr 18, 2018 Pygame is a set of Python modules used for writing simple video games and graphical programs. It is cross-platform, which means it can be installed on both Windows and Mac computers.

TunnelblickTunnelblick Cisco Anyconnect

Tunnelblick For Linux

I'm having trouble with AnyConnect plus Tunnelblick.
I use AnyConnect to connect into the company intranet from home. I've been using Tunnelblick (OpenVPN) to connect *over the AnyConnect VPN* to connect to an internal cluster, through its firewall.
This has been working quite well for years (with the normal occasional glitches) but has never failed like this.
The usual behavior: Connect to the company VPN using AnyConnect; connect to the internal VPN using Tunnelblick. Anyconnect then 'renegotiates' its connections, settles, and all is good. I can connect to the internal cluster via its VPN, through its firewall.
The abnormal behavior is this: I connect up to the company intranet using AnyConnect. I then connect to the internal cluster with Tunnelblick. That connection succeeds and in the process of the AnyConnect's renegotiation, AnyConnect fails, first reporting 'Lost connection to VPN Service. Reattaching...' and then 'Unable to contact the VPN service. Please restart the application.'
No amount of trying to reconnect works until I disconnect the Tunnelblick connection (makes sense) and restart the AnyConnect application.
I have reinstalled AnyConnect, tried reinstalling Tunnelblick - both the stable version and the newer beta version. No difference.
I have grabbed two Cisco Dart reports - one with properly functioning VPN and the second with crashed VPN access - but don't know what to do with them.
This problem pretty much renders remote working impossible.
I don't know where to go next. I'd like to report this to Cisco Support but I don't know the corporate support contract number.
I can use the tedious multi-hop ssh tunneling, but really need to get the usual way to work again. Tunnelblick has been a great simplifier for this comples situation.
Update: This is confounding, but perhaps a hint: the whole sequence works fine when on a wire to my Comcast modem. It fails when connected via wireless. The Comcast wireless experts tried a few different 'security' settings in the router but couldn't fix it. It would seem that there might be some port issue with the wireless router. Is this really a Comcast wireless issue or a Cisco issue?
Update 2: The same thing happens on Verizon WiFi as well.
Details: MacOSx 10.11.6, Tunnelblick Tunnelblick 3.6.5 (build 4566), AnyConnect v4.1.08005