cancel
Showing results for 
Search instead for 
Did you mean: 

Snow Leopard Network Connect Fix

syntaxian_
Occasional Contributor

Re: Snow Leopard Network Connect Fix

jwhitley,

Sorry to hear none of the fixes worked for you. You could try updating your SA device to 6.4.0. it would of course affect all your users in that they'll have to upgrade when they try to login.

EWETEL-IPBB_
Not applicable

Re: Snow Leopard Network Connect Fix (including possible solution)

I have discovered the following problems (based on JNC 6.3.0) and got some solution:

After executing the commands on top of this thread, Juniper Network Connect is working on application base but the connection is very unstable and dropping packets. When sending ICMP to some host, there were ~four successful requests followed by ~five request with "no route to host".

After I have sniffed and had a look into the logs I could see that there is a problem with editing the routing-table through network connect:

rmon.warn adding back the missing route to 0.0.0.0/0.0.0.0 with gw 0.0.0.0, metric 1, if_id 9
rmon.info Adding route: 0.0.0.0/0.0.0.0 -> 0.0.0.0 (metric:1) (if_id:9)
rmon.warn deleted route to 0.0.0.0/0.0.0.0 with gw 0.0.0.0, if_id 7 reappeared
rmon.info Deleting route: 0.0.0.0/0.0.0.0 (routemon.cpp:1979)
rmon.error Failed to delete route. No such process (routemon.cpp:1014)

I had read before, that only a few people on Snow Leopard had discovered this problem so I had a look at my "individuals" on the MAC. I've got some virtual connections like dot1Q VLANs and Parallels Interfaces having a default-route in it. When I deactivated these interfaces and only left my default internet connection active the connection via network connect was stable and not dropping packets! The log stayed quite.

Maybe this could help some people on Snow Leopard! Eventually I'll post some updates on my blog to keep you up to date: Blog Post

Kind regards from Oldenburg,

Hendrik

Message Edited by EWETEL-IPBB on 09-16-2009 05:32 AM
Auto-Tim_
Not applicable

Re: Snow Leopard Network Connect Fix

First of all I take no credit for this fix, I am merely the messenger. This has worked for us at Autodesk.

So first do the chmod fix and create the frameworks directory (see post #1). Then turn off all network interfaces except for the one you are currently using (see post #12). Then excecute the following command:

sudo chmod 4711 /usr/local/juniper/nc/6.3.0/ncproxyd

and now you should be able to get in and not drop packets. Someone has suggested that the above change is necessary as of 10.6.1. I have not been able to verify this as I went straight to 10.6.1 after I installed 10.6.

So let us know if it works for you.

JQ_
Occasional Contributor

Re: Snow Leopard Network Connect Fix

Thanks for the fix.

This worked for us.

sudo chmod 755 /usr/local/juniper/nc/[version number]/
sudo mkdir '/Applications/Network Connect.app/Contents/Frameworks'
jwhitley_
New Contributor

Re: Snow Leopard Network Connect Fix


So first do the chmod fix and create the frameworks directory (see post #1). Then turn off all network interfaces except for the one you are currently using (see post #12). Then excecute the following command:

sudo chmod 4711 /usr/local/juniper/nc/6.3.0/ncproxyd

and now you should be able to get in and not drop packets. Someone has suggested that the above change is necessary as of 10.6.1. I have not been able to verify this as I went straight to 10.6.1 after I installed 10.6.


For what it's worth, the above didn't work for me. ncproxyd already had correct permissions (perhaps because I installed under 10.6.0?) when I checked it out. Even with an OS X network location that has all other interfaces turned off, Network Connect still hangs just after logging in via the mini web dialog; the connection status dialog never appears.

Any word on an official release that will address Snow Leopard issues?

123go_
Contributor

Re: Snow Leopard Network Connect Fix

Snow Leopard is a listed under "Qualified platform" in IVE OS 6.5R1.

Refer KB14935 and IVE OS 6.5 Supported Platforms

Prior to IVE OS 6.5R1 it should work using the workaround provide in this Post.

erdems_
Not applicable

Re: Snow Leopard Network Connect Fix (including possible solution)

Hi all,

In case you're having issues with 32/64 bit differences and/or you've installed Snow Leopard from scracth instead of upgrade (e.g. new mac with SL installed), here's what would most likely work for you:

1. Remove any previous attempt of NetworkConnect (including /usr/local/juniper/nc, along with typical application folders)

2. Switch safari to 32-bit mode, open your vpn address, login and initiate network connect. If you're asked to confirm any write operations, click yes.

3. NC will fail to establish the tunnel session, as expected. Close safari.

4. Change the permissions of folders and create new ones as described in the first post and switch safari back to 64bit mode.

5. Open safari, go to your vpn address, login, initiate network connect; and you're done.

I'm not 100% sure what switching between 32/64 bit modes "FOR the FIRST TIME ONLY" accomplished but I've tested these chain of events on three different SnowLeopard installations and worked like a charm every time.

HTHs,

Erdem

William_
Occasional Contributor

Re: Snow Leopard Network Connect Fix (including possible solution)

I don't believe the Java applet that performs the installation works very well under 64-bit. I've been telling our customers to simply log into the SSL VPN first and then download the installer using the /dana-cached/nc/NetworkConnect.dmg URL

Ken-J_
Contributor

Re: Snow Leopard Network Connect Fix

Having applied the two-sudo-statement fix to get Network Connect to run with Mac OS 10.6:

Is there anything to watch out for, or undo, when upgrading to IVE 6.5R1?

thnx

rlsmile_
Not applicable

Re: Snow Leopard Network Connect Fix

I just upgraded to Snow Leopard 10.6.2 from 10.5.8. Below is what I had to do to get Network Connect functioning again.

1. Launch Safari in 32 bit mode (get info on Safari.app and click check box)
2. Navigate to your VPN gateway (GATEWAY.YOURDOMAIN.com) - Make sure NetworkConnect.app is not launched before you go to URL
3. Click on START button next to Network Connect after logging in ( This will install the right version and launch NC.app but it will fail to connect.)
4. Close NetworkConnect.app (Logout of your VPN Gateway)
5. Run command: sudo chmod -R 755 /usr/local/juniper/nc/X.X.X/ (Change X.X.X to the version you have installed. For me it was 6.0.0)
6. Run command: sudo mkdir '/Applications/Network Connect.app/Contents/Frameworks'
7. Run command: sudo chmod 4711 /usr/local/juniper/nc/X.X.X/ncncproxyd (Change X.X.X to the version you have installed. For me it was 6.0.0)
8. Launch NetworkConnect.app

Thank you to all the people that posted all the information above. I am simpily posting the solution all together.

Richard