Mac: No Captive Portal

KB ID 0001780

Problem

I was on a train today, and they were offering free Wi-Fi but despite me being able to connect, I had no internet access. This has happened a few times to me and it’s when I need to connect to a captive portal to get internet access, then no captive portal ever appears.

Note: A captive portal is just a pop up window that you usually see on ‘Free‘ wifi services, so you can ‘Pay‘ for connection, by giving them your details (name, email etc).

No Captive Portal: Solution

Now I could connect with my Android phone and that has a hotspot so I knew the problem was on my Mac, and I had my work iPhone in my bag I could also connect to that and get 4G. But I wanted to bottom out the problem in case I was ever stuck.

Open your network preferences > Select the Wifi connection > Advanced.

Firstly let’s try the obvious, locate the entry that matches the SSID you are trying to connect to , and Delete it  > OK > Try again?

In my case the problem was being caused by the fact I had static DNS entries (Google’s DNS servers), this is why the captive portal was never being shown. You cant do a DNS lookup, before you have internet access, and if your DNS servers are on the internet, you can’t resolve the private URL of the captive portal!

Delete all the static DNS entries (dont panic! you will get the correct one dynamically allocated to you.) Once you’ve removed them all > OK  > Try again.

Fixed.

Related Articles, References, Credits, or External Links

NA

VMware Fusion: Guest VM ‘Lost’ Network Connectivity

KB ID 0001450

Problem

I keep a Windows 10 VM on my laptop, and last week it lost network connectivity, (it’s set to get its IP from my mac and get network connectivity via NAT). The guest was getting a 169.254.x.x APIPA address so either NAT was down, or there was no network?

Solution

You need to ‘Restart’ the services on the Mac host machine. Execute the following two commands;

[box]

sudo /Applications/VMware\ Fusion.app/Contents/Library/vmnet-cli --stop   
  
sudo /Applications/VMware\ Fusion.app/Contents/Library/vmnet-cli --start  

[/box]

Then check you guest machine again.

Related Articles, References, Credits, or External Links

NA

MAC OSX – Connecting to Cisco IPSEC VPN

KB ID 0001197 

Problem

Here we are dealing with the older IPSEC VPN method of remote VPNs, NOT AnyConnect. There is/was a VPN client for Mac OSX which you can still download. But modern versions of OSX have the Cisco IPSec VPN client built into them. 

I’m assuming you have already configured the firewall, if not see the article below;

Cisco ASA5500 Client IPSEC VPN Access

Solution

Open your network preferences and add in a new connection > Interface = VPN > VPN Type = Cisco IPSec > Service Name = A sensible name you will recognise, (like connection to work, or home  etc.)

 

Server address is the public IP, (or name if you have DNS setup*) of your Cisco Firewall  > Enter your VPN username > I don’t put in the password, so I will have to type in in manually > Click Authentication Settings.

*For DNS you will need a static public IP, and a registered domain name. The ASA DOES NOT support DNS updates to online services like DynDNS or No-IP etc. It does support DDNS but means the server that leases you your public address is supposed to update your DNS for you, and unless you are your own ISP, and you host your own public DNS records, this wont work!

Here you need to supply the ‘shared secret’ for the VPN tunnel, and the Group Name. Your firewall admin should give these to you.  If they don’t know, tell them to run ‘more system:running-config’ on the firewall and give you the shared secret and ‘group-policy’/’tunnel-group’ name for this remote VPN  > OK.

Nearly every time you use DHCP, the firewall with either lease you an address from a ‘pool’ of VPN addresses, or broker the connection, and use your internal DHCP server.

Now to connect the VPN, select the icon shown, and click your Cisco VPN, (in the picture I have two).

If you didn’t put your password in during setup, you will be prompted to enter it to continue.

It does not work?

With all things Cisco, if there’s a problem your easiest way to a solution, is to run a ‘debug’ on the firewall. Execute the following two commands on the firewall, and attempt to connect again, this should point you in the right direction.

[box]

debug crypto isakmp 127
debug crypto ipsec 127

[/box]

Related Articles, References, Credits, or External Links

iPhone and iPad – Configure the Cisco VPN Client

AnyConnect Error: ‘The AnyConnect package on the secure gateway could not be located’

KB ID 0000406 

Problem

While attempting to connect to a Cisco firewall with a Linux client (In my case Ubuntu 10.10,) using AnyConnect you see the following error.

Or on MAC OSX

Error:
Cisco AnyConnect VPN Client
The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try connecting again.

Note: You may also see this error on a Mac OSX, or a Windows CE machine.

Solution

Package location (ASDM version 6.2)

Package location (ASDM version 7.1)

Related Articles, References, Credits, or External Links

NA

Cisco – Using a Mini USB Console Cable

KB ID 0001073 

Problem

A colleague asked me if I had a USB console cable, because the switch he was working on had a failed RJ45 console port. I thought it was just the same cable that charged my phone (USB A to micro USB). But it isn’t, it’s mini USB.

I thought, that might happen to me at some point, and rather than carry yet another cable I got onto eBay and got a female micro USB to male mini USB converter for about 99p. Then all I needed to do was test it.

Solution

Use Cisco USB Console Cable on Mac OSX

1. Just plug it in and the Mac detects it without the need for drivers, (providing the other end is plugged into a device!). You may see something like the following popup, if you run VMware Fusion;

Note: if you want to find out what device it is being called by macOS, simply issue the following command;

[box]ls -ltr /dev/*usb*[/box]

2. You can then can connect directly to it (using 9600 baud as usual), with the following command (your device name in red will differ);

[box]screen /dev/tty.usbmodem1411 9600[/box]

3. Or if you use an application;

RoyalTSX

Using SecureCRT

4. And we are in.

Use Cisco USB Console Cable on Windows

Things are a little more convoluted on Windows, you need to install a driver (which involves a reboot).

1. Download the Windows Cisco USB Console Cable Driver.

2. When installed and connected to a Cisco device, you should see something like the following in device manager (devmgmt.msc).

3. Now using your preferred terminal emulation software (below I’m using PuTTY) connect using the COM port you identified above.

 

Related Articles, References, Credits, or External Links

NA