Showstopper Bug: Cisco VPN

Discussion in 'Parallels Desktop for Mac' started by schmidp, Jun 1, 2006.

  1. schmidp

    schmidp Member

    Messages:
    49
    Hi,

    there is a big showstopper bug since RC2 if you depend on using Cisco VPN Client (http://www.macupdate.com/info.php/id/10317) to connect to a vpn.

    if parallels is installed, the Cisco client can't talk to it's driver:

    Error 51: Unable to communicate with the VPN subsystem.

    If I uninstall Parallels the Cisco client immediately starts to work again.

    One can also manage to get the Cisco client working again, if one restarts the Cisco service which causes the kernel driver to unload and load again. (sudo SystemStarter restart CiscoVPN)

    maybe it's a problem of the order the drivers are loaded?


    This is the log of my system startup:

    Jun 1 15:32:31 Delayed kernel[0]: Parallels Workstation Hypervisor started.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : attempting to attach to all available ethernet interfaces.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : checking if we are already attached to interface: wlt1
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : no, not yet attached to interface: wlt1
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : interface: wlt1, filter attached.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : current MTU for wlt1 is 1500, saving it.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : checking if we are already attached to interface: en1
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : no, not yet attached to interface: en1
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : interface: en1, filter attached.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : current MTU for en1 is 1500, saving it.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : checking if we are already attached to interface: en0
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : no, not yet attached to interface: en0
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : interface: en0, filter attached.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : current MTU for en0 is 1500, saving it.
    Jun 1 15:32:31 Delayed kernel[0]: CiscoVPN : loading cisco ipsec kernel module.
    Jun 1 15:32:31 Delayed kernel[0]: Parallels Workstation VMM Main driver started.


    greets philipp
     
    Last edited: Jun 1, 2006
  2. rgoodwin

    rgoodwin Bit poster

    Messages:
    9
    I concur...

    My MBP will be used primarily for work, and having the VPN is crucial. I would suspect that this bug is not entirely unrelated to other networking issues anyway.

    @Parallels: Have you considered a Bugzilla or Mantis site for people to register bugs? People could be directed to search there first, etc, and all items would be logically grouped. Some sample bug categories:
    • Networking
    • USB Devices
    • Full screen/Virtual Desktop
    • Guest Application installation

    If nothing else, perhaps just some subforums with those topics would suffice. I'm not sure how your dev team is spread out, but I would assume there are folks with specific expertise in certain areas, and it could help keep the flow of information more focused.
     
  3. steltenp1

    steltenp1 Bit poster

    Messages:
    7
    I agree ... VPN is dead

    After upgrading to RC2 my Cisco VPN on the Mac OS is dead. Same errors as those listed above. I can sometimes connect to the VPN on XP through Parallels, but it is very inconsistent. Prior to the upgrade, I had no problems connecting through either OS.
     
  4. m1intel

    m1intel Bit poster

    Messages:
    6
    Ditto on the above comments, but thank you for posting the work-around on restarting the CiscoVPN.

    M
     
  5. schani

    schani Bit poster

    Messages:
    1
    Cisco VPN is dead ... workaround doesn't help

    I just tried Cisco VPN on my Mac Book Pro and encountered the same problem as other people. I tried the work around suggested and it didn't work the first time, but then it did the second time I tried it (no visible difference between the two attempts in Terminal).

    VPN is critical for me to be able to work ... I didn't have this problem with earlier betas or RC1.

    Help!

    Thanks,
    Steve
     
    Last edited: Jun 1, 2006
  6. serv

    serv Forum Maven

    Messages:
    817
    philipp,

    If you're willing to experiment while we investigate the issue, try removing Parallels Host-Only Adapter (you'll be able to recover). Rename /Library/StartupItems/Parallels/Pvsvnic.kext to something else (say, Pvsvnic.kext.bak) and reboot your Mac. Let us know if it had any effect on VPN client.
    To recover just rename Pvsvnic.kext.bak back and reboot again.
     
  7. nsieger

    nsieger Bit poster

    Messages:
    1
    I've found that disabling or "downing" the host-only network adapter works for me too, without requiring a reboot. However, this needs to be done once each time you boot your machine. Issue the following command in a terminal, assuming that "en2" is the name of the parallels host-only adapter:

    sudo ifconfig en2 down​
     
  8. schmidp

    schmidp Member

    Messages:
    49
    @serv

    renaming the kext and rebooting did "fix" the cisco vpn problem.
     
  9. serv

    serv Forum Maven

    Messages:
    817
    Well... the problem is that Cisco VPN client is unable to accept the fact that a new network interface appeared after VPN has started. Indeed RC2 is loading Host-Guest Adapter driver later than previous versions (this is to avoid the delay caused by DHCP client trying to obtain an IP address for en2 while Parallels DHCP service has not yet started).

    A better workaround would be to just restart Cisco VPN from Parallels StartupItem. To do so edit Start function in /Library/StartupItems/Parallels/Parallels to include command 'SystemStarter restart CiscoVPN' in the end. However, I can't test it right away...
     
  10. markup

    markup Junior Member

    Messages:
    14
    My CiscoVPN works fine before and after RC2 installation. No issues.
     
  11. MicroDev

    MicroDev Hunter

    Messages:
    122
    I'm in the same boat. RC2 breaks my host Cisco VPN. If you issue sudo SystemStarter restart CiscoVPN from bash it starts working again. The command above in the startup did nothing for me. The log shows the following:

    Jun 1 17:22:15 macbook-pro-17 kernel[0]: com_parallels_kext_Pvsvnic: Ethernet address 00:01:23:45:67:89
    Jun 1 17:22:16 macbook-pro-17 SystemStarter[191]: Could not create IPC bootstrap port: com.apple.SystemStarter
    Jun 1 17:22:21 macbook-pro-17 bootpd[200]: interface en1: ip 192.168.0.108 mask 255.255.255.0
    Jun 1 17:22:21 macbook-pro-17 bootpd[200]: interface en2: ip 192.168.2.1 mask 255.255.255.0
    Jun 1 17:22:22 macbook-pro-17 named[201]: starting BIND 9.2.2 -c /etc/com.apple.named.conf.proxy -f
    Jun 1 17:24:00 macbook-pro-17 SystemStarter[249]: must be root to run
    Jun 1 17:24:31 macbook-pro-17 sudo: scooter : TTY=ttyp1 ; PWD=/Library/StartupItems/Parallels ; USER=root ; COMMAND=/sbin/SystemStarter restart CiscoVPN


    It also works if you disable the Parallels adapter.

    The same Cisco VPN problems I've been having still exist between the Guest and Host in RC2. If the Host is connected, the Guest can no longer query the DNS or trace to the IP address of the domain to which the host is connected. If you disconnect the Host, the Guest can then resolve the address and connect. Once the Guest is connected, you can connect the Host. However, you will briefly see the message "Network cable disconnected" from within the Guest under the "Parallel Adapter". Fortunately this does not kill the connection somehow.

    Before anyone asks, Yes, I have tried using "Allow Access to Local Lan" in the host VPN to no effect.

    All tested Windows OS's produce the same result.

    I have not tried removing the Parallel kext and doing all of this again. Perhaps that extension is the root of the problem?

    Setup:
    Windows 2000 SP4
    Windows XP SP2
    Windows 2003 SP1
    OS X 10.4.6
    Parallels RC2
    MacBook Pro 17
    Cisco VPN 4.9 (OS X)
    Cisco VPN 4.8 (Win32)
     
  12. jsolderitsch

    jsolderitsch Member

    Messages:
    54
    I can also report success in using the Cisco VPN after installing RC2.

    My Cisco Transport setting is IPSec/UDP.

    Could that be a factor -- I know others use TCP.

    My authentication method is Group Authentication.

    Jim
     
  13. prock

    prock Member

    Messages:
    23
    Cisco VPN working fine

    My Cisco VPN is working fine too. Maybe whether Cisco works is dependent on the client version.

    My setup is:
    RC 2
    windows XP with 512 memory allocated to the VM
    Cisco VPN Client for Windows NT/2000/XP (Version 4.0.5.D-K9).

    I also have the Cisco client (4.9) working on the mac side. But, I disconnected my secure connection prior to trying the VPN within the VM (although the client is still active).

    Pete.
     
  14. vincent

    vincent Bit poster

    Messages:
    4
    I had some issues with Cisco VPN earlier but I'm ok now. Version 4.7.00.0533 for Windows XP.
     
  15. rjbailey

    rjbailey Member

    Messages:
    22
    What has always worked for me in the past is
    Code:
    sudo SystemStarter restart CiscoVPN
    from the command line in Terminal every time I get that error.
     
  16. gbevin

    gbevin Junior Member

    Messages:
    13
    Same problem for me with Cisco VPN. It used to work before RC2.
     
  17. schmidp

    schmidp Member

    Messages:
    49
    guys we are talking about cisco vpn on the mac host, not in the virtual machine
     
  18. ptruskier

    ptruskier Junior Member

    Messages:
    13
    Right. I use the CIsco VPN on both host and guest OS sides. The Windows client has worked for me since I started using Parallels at b4, but as above, the Mac client requires a reload of the Cisco kext as of RC2.
     
  19. serv

    serv Forum Maven

    Messages:
    817
    Another (and probably the cleanest) solution is to update launch order for Parallels StartupItem. This command should do it:
    Code:
    sudo sh -c 'sed s/None/First/ /Library/StartupItems/Parallels/StartupParameters.plist >/Library/StartupItems/Parallels/StartupParameters.new && mv /Library/StartupItems/Parallels/StartupParameters.{new,plist}'
    Now enable en2 if you've disabled it previously.
    Could you guys try this please...
     
  20. MicroDev

    MicroDev Hunter

    Messages:
    122
    This didn't do anything for me. I still had to do a 'sudo SystemStarter restart CiscoVPN' after restarting the Mac before the Cisco software would work again.
     

Share This Page