1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED: RVL200 SSL VPN + MAC Client (10.6.4)

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by rmpel, Jun 30, 2010.

  1. rmpel

    rmpel Networkin' Nut Member

    The problem I had was that the SSL VPN Virtual Passage was not working. Eventually these steps solved it for me:

    1. Upgrade to latest firmware (I used from this forum)
    2. Make sure you have the SSL VPN Enabled under Firewall (defaults to Disabled after upgrade from 1.1.7)
    3. Browse to the https://ip.of.the.router and login with a valid user
    4. click the big lock.

    Now, at this point the software will try to install, unfortunately, this fails, time and again.
    The solution for me was this:

    5. open terminal
    6. enter pwd. something like this should return; /Users/yourusername
    remember yourusername (this might be different from your screen name)
    7. sudo to root (sudo su -), enter your password.
    8. nano /etc/sudoers
    9. add this line: yourusernamehere ALL=(ALL) NOPASSWD: ALL
    10. save the file (CTRL+O (the letter oh) and press Enter
    11. click the big lock (on the ssl vpn portal ofcourse)
    12. vpn should install without any problems
    13. now disable the sudoers line by inserting a hash in front, changing
    yourusernamehere ALL=(ALL) NOPASSWD: ALL
    #yourusernamehere ALL=(ALL) NOPASSWD: ALL
    14. save the file (CTRL+O, Enter)

    reconnecting now nags about 'update available', just ignore (click Cancel) and your connection should work fine.

    May this be of help to a lot of frustrated users :)

    And remember; the SSL VPN software doesn't work on Safari for mac, you will have to use Firefox.
  2. MJH01

    MJH01 Networkin' Nut Member

    Brilliant! You've certainly helped this frustrated user. :) Many Thanks!

    I've spent hours over the last couple of days trying to get past this point and always failing.

    I entered the changes to sudoers as you've detailed above, clicked cancel to the upgrade message and I now get a new window with the Connect button dimmed and the Disconnect button highlighted saying "Connected to" my IP address.

    Is there anything else I need to do to be able to connect to the devices via the VPN on my mac?

    Using a Vista laptop here I can connect via the RVL200 SSL VPN and ping & Remote Desktop to a PC at the remote location ( Even though the new window on the Mac now says connected to my IP address, pinging or trying to remote desktop both fail and timeout.

    I'm definitely a step nearer. As it works fine from the Vista laptop I'm guessing it must be something I still need to do on the Mac?

    (Mac on 10.6.4, Firefox 3.6.6 and RVL200 on
  3. rmpel

    rmpel Networkin' Nut Member

    First of all, glad I could help.

    In response to using the devices in your remote network;

    First of all, make sure the services work when your client computer (Vista laptop) is directly in the network. This way, if it doesn't work remotely, the only thing left to blame is the VPN connection.

    Note that there is no DNS (nor Bonjour, nor WINS) over the VPN connection, you will have to enter the devices IP address.

    Example; I connect to the remote network with the RVL, get IP
    Then I open the finder, press CMD+K and enter afp://user:password@ to connect to the secure NAS using Apple file protocol.

    For windows, should be similar, but windows will create Samba shares, so you will enter something like:
  4. dkelley

    dkelley Networkin' Nut Member

    Web management window empty FF 3.6.6

    This didn't work for me. Adding an exception in /etc/sudoers went as described, however, when i attempt to connect, i get the window /portal_linuxmac_lock.htm.
    Clicking the lock opens a small window and the notice about an update being available, but the small browser window that should include the buttons to connect is blank. Doing a view source shows code that is attempting to load an applet /vpnclient/SignedMacVPClient.jar
    FF reports a java plugin v 1.6.0_24

    Getting this to work would of course be lovely.
    Finding someway to set up a dozen laptops, with out having to do this procedure for each user would even be better. Would just coping the /vpnclient folder and setting permissions be enough to avoid tweaking sudoers?
  5. dkelley

    dkelley Networkin' Nut Member


    I am replying to my own post to update other who may have stumbled across this thread.
    Cisco's tech support report that the problem is related to the java version and that apples most recent java update broke their software. tech support says that v1.6.22 will work, but not .24.
    Seems convenient to blame the other guy, and not offer any solution.
    I have not tried to roll back, so i don't know if the information cisco provided this morning is accurate, but if you are reading this, i am assuming your desperate for any clues .... good luck.
  6. Toxic

    Toxic Administrator Staff Member

    did you upgrade to the April 2010 firmware?

    v1.1.12.1 or are you still on the v1.1.10.1 version?
  7. dkelley

    dkelley Networkin' Nut Member

    firmware version is which at the time of my original post was the most current version listed on the download page.

    Since i am having this discussion largely with myself, i will post additional findings.
    I did a clean OS install, rolling back to 10.6. Ran no system updates. This left me with a java version of 1.6.0_15. When i attempt to connect i get a dialog with the message "Needed permissions couldn't be set on some files. Root privileges required for setting permissions"

    enabling the root user account, then loggin in as root, worked to get the vpnclient applet installed and to see the contents of the mac_connect.htm window. The hack at the beginning of this thread would probably also work.

    Just to clarify there are three issues with the product:
    - it doesn't work with safari, only FF
    - Unless you fiddle with either the sudoers hack or log in as root, you can't get the needed java applet installed.
    - the most recent version of either the OS or the java version 1.6.0_24 won't work, cisco says java version 1.6.0_22 will work.
    - installing 10.6, with java ver. 1.6.0_15, using ff, while logged in as the root user did work.

    more clues for the truly determined ;-)
  8. weston

    weston LI Guru Member

    I am having the same problem except for that I am running Lion (10.7). I get the same java problem (please check that you are running as root message). adding my account to sudoers did not make a difference. any ideas??
  9. Toxic

    Toxic Administrator Staff Member

    afaik there is an issue with SSL VPN and Java across most of the Cisco range if you are using a fairly new Java version, (cisco forums have plenty of posts about this) Cisco is working on a fix, have you tried running an earlier version of Java?

Share This Page