10

Juniper's Network Connect VPN client seems to leave an OS X network interface in an unusable state if it does not disconnect gracefully.

Edit: "disconnect gracefully" refers to any time the VPN drops for reasons other than clicking the "Sign Out" button on the software client. This happens when the wifi drops out long enough to cause the VPN to drop, or perhaps I closed the laptop screen without remembering to disconnect, etc.

From the terminal, a simple ping gets you the following result:

ping: sendto: Cannot allocate memory

Rebooting solves the problem, but that is inconvenient.

Using ifconfig to reset the interface does not work:

ifconfig en0 down
ifconfig en0 up

Neither does flushing the route table:

route -n flush

I also tried resetting the DNS cache (completely irrelevant, but I figured I would give it a try anyway). That obviously did not work.

launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
launchctl load /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

What finally worked reliably was to shut off IPv4, and then turn it back on using the following steps:

  1. Open System Preferences
  2. Click on the Network Icon
  3. Click on the broken interface.
  4. Click the Advanced button.
  5. Select TCP/IP
  6. Select "Off" under Configure IPv4.
  7. Select "OK"
  8. Select "Apply".
  9. Do steps 4 - 8 again, but replace 6 with your desired IP configuration method.

So to my question... Is there a way to achieve the same as steps 1-9 above from the command line? Ideally I would like to be able to call a bash script to do the reset.

Note: This was tested on OS X Mountain Lion and OS X Yosemite. I skipped over OS X Mavericks, hence the reason I omitted that specific tag. I have every reason to believe this applies to Mavericks as well, but I cannot prove it.

Chuck Wolber
  • "Juniper's Network Connect VPN client seems to leave an OS X network interface in an unusable state if it does not disconnect gracefully." -- I'm not certain what an ungraceful disconnect would be for your case, but we've run SA appliances for years with OSX clients and haven't experienced what you are seeing. Have you checked with Juniper TAC about this? – TheCleaner Oct 22 '14 at 21:33
  • Anytime the network connection drops long enough to kill the VPN I get left in this state. Occasionally the wifi will have a hiccup, or perhaps I closed the laptop before properly disconnecting, etc. Contacting Juniper TAC is simply not an option in my particular case. – Chuck Wolber Oct 23 '14 at 06:08
  • My experience is when I am connected via VPN through a Wi-Fi connection and the Wi-Fi connection stops responding (due to session policy, network failure, etc.), the Juniper Network Connect client starts asking for root passwords to "change" things. You can kill the client and restart it, and even turn Wi-Fi off and on, but the client will never reconnect without a reboot. Not without Sunil P's answer below. – Snapman Nov 04 '15 at 18:15

4 Answers

9

These commands worked for me.

Shutting off IPv4:

sudo networksetup -setv4off Wi-Fi

Setting it back to DHCP:

sudo networksetup -setdhcp Wi-Fi
Hyppy
Sunil P
1

See the routing table and remove all the routes to your local/VPN networks, then try reconnecting to your VPN.

sudo route delete 192.168.1.0

or so :)

Janne Pikkarainen
1

Maybe you're looking for networksetup? Specifically the on/off that's last in this abbreviated list with other options that may be directly useful. (Run that command without arguments to see the entire huge long list of options.)

 Usage: networksetup -listnetworkserviceorder
      Display services with corresponding port and device in order they are tried for connecting
      to a network. An asterisk (*) denotes that a service is disabled.

 Usage: networksetup -listallnetworkservices
      Display list of services. An asterisk (*) denotes that a network service is disabled.

 Usage: networksetup -getnetworkserviceenabled <networkservice>
      Display whether a service is on or off (enabled or disabled).

 Usage: networksetup -setnetworkserviceenabled <networkservice> <on off>
      Set <networkservice> to either <on> or <off> (enabled or disabled).
1

I see this issue every time I close out of Network Connect VPN in any ungraceful manner. I used the answer provided above and created an alias in my /etc/profile

alias netbounce='sudo networksetup -setv4off Wi-Fi; sudo networksetup -setdhcp Wi-Fi'

Now when this happens I type netbounce at the terminal and all is right with the world.

Falcon Momot
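The answers above hard-code the service name Wi-Fi, while the question identifies the broken interface by device (en0); networksetup takes the service name, not the device. The script below is an added example, not code from any of the posts: it looks up the service that owns a device and then runs the same two commands. It assumes the service normally uses DHCP, and the function names, the NETSETUP/SUDO variables and the script name are hypothetical.

```shell
#!/bin/bash
# Added example (not from the thread): IPv4 off/on for the service behind a device.
# Assumes the service uses DHCP. Function and variable names are hypothetical.
NETSETUP=${NETSETUP:-networksetup}  # overridable for a dry run
SUDO=${SUDO-sudo}                   # set SUDO= when already root

# Reads `networksetup -listnetworkserviceorder` output on stdin, which pairs
# lines such as (constructed sample):
#   (2) Wi-Fi
#   (Hardware Port: Wi-Fi, Device: en0)
# and prints the service name for device $1; exits non-zero if none matches.
service_for_device() {
    awk -v dev="$1" '
        /^\([0-9*]+\) / { name = $0; sub(/^\([0-9*]+\) /, "", name) }
        /^\(Hardware Port: / {
            d = $0; sub(/.*Device: /, "", d); sub(/\)$/, "", d)
            if (d == dev) { print name; found = 1; exit }
        }
        END { exit !found }'
}

# Same two commands as the answers above, for an arbitrary service name.
bounce_ipv4() {
    $SUDO "$NETSETUP" -setv4off "$1" && $SUDO "$NETSETUP" -setdhcp "$1"
}

reset_ipv4_for_device() {
    svc=$("$NETSETUP" -listnetworkserviceorder | service_for_device "$1") || {
        echo "no network service found for device $1" >&2
        return 1
    }
    bounce_ipv4 "$svc"
}

# Usage: ./netbounce.sh en0
[ "$#" -eq 0 ] || reset_ipv4_for_device "$1"
```

A disabled service is listed with (*) instead of a number, which the lookup also accepts.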