I was forced to reboot to fix it so I could reconnect to the VPN. I had an incident after an unclean VPN exit where later the VPN hostname could not be found. To disconnect, just Ctrl-c in the window where you started the VPN connection.
The only thing you should be prompted for is your VPN password. pem file somewhere on your hard drive (I put it in ~/.ssh/.pemĬonnect! sudo openconnect -user= -cafile= Search the "System Roots" keychain to find your root certificate and select itįile > Export Items. visit your SSL VPN in Chrome, click the green lock, click "Certificate Information") trusted by browsers), so we can safely trust it by specifying the CA file after exporting it from Ke圜hain:ĭetermine the name your root certificate (i.e. The self-signed cert is actually the root certficate and (hopefully) is one with implicit trust (i.e. (Optional) When connecting to your SSL VPN, openconnect may complain about a "self-signed certificate" being in the chain and force you to explicitly accept it every time. sudo visudo -f /etc/sudoersĪnd added this line: %admin ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect So, I added password-less sudo ability for the openconnect command. (Optional) Running openconnect requires sudo, presumably because it affects resolution of DNS.
OpenConnect can be installed via homebrew: brew update And by "conflicts", I mean it causes a grey-screen-of-death kernel panic anytime you connect to the VPN and Pow is installed.Īs an alternative, there is OpenConnect, a command-line client for Cisco's An圜onnect SSL VPN. Unfortunately, the Cisco An圜onnect client for Mac conflicts with Pow.
0 kommentar(er)
