Overcoming Cisco AnyConnect VPN and Vagrant Incompatibilites

Joel Steidl

On some of our projects, we have a requirement to connect to a VPN for server access. Our team was having an issue specifically with Cisco AnyConnect Secure Mobility Client on Mac OSX making vagrant based local development environments become non-responsive. After connecting to the VPN, SSH inside the Vagrant box would stop working, as well as visiting any local domains. From what I've gathered, Cisco AnyConnect can be a bit aggressive with local networking.

I've seen the same thing in the past, because AnyConnect basically blows out your hosts file and local networking configuration and replaces it with Ciscos (many other things besides local development environments can be broken because of this).
Jeff Geerling, Creator of DrupalVM

From what I could find, the issue seems to be semi-well documented with very few or complicated solutions. Here are just a few over the past few years:

The only resolve is to completely restart the computer and then start Vagrant again. Simply restarting vagrant did not work. This of course is completely frustrating when you need to switch between local development and testing in a staging environment where VPN is required.

Resolution

Finally after a lot of searching, I found OpenConnect. OpenConnect is an SSL VPN client initially created to support Cisco's AnyConnect SSL VPN. In my case, I was able to simply switch from Cisco AnyConnect to OpenConnect and all my Vagrant issues went away.


About the Author

With over ten years of professional experience, Joel's joint background in design, development and information architecture allows him to lead our development team with a focus on building user-centered web applications.

Read More