OS X Command Line IPv4 interface Reset
Juniper's Network Connect VPN client seems to leave an OS X network interface in an unusable state if it does not disconnect gracefully.
Edit: "disconnect gracefully" refers to any time the VPN drops for reasons other than clicking the "Sign Out" button on the software client. This happens when the wifi drops out long enough to cause the VPN to drop, or perhaps I closed the laptop screen without remembering to disconnect, etc.
From the terminal, a simple ping gets you the following result:
ping: sendto: Cannot allocate memory
Rebooting solves the problem, but that is inconvenient.
Using ifconfig to reset the interface does not work:
ifconfig en0 down
ifconfig en0 up
Neither does flushing the route table:
route -n flush
I also tried resetting the DNS cache (completely irrelevant, but I figured I would give it a try anyway). That obviously did not work.
launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
launchctl load /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
What finally worked reliably was to shut off IPv4, and then turn it back on using the following steps:
- Open System Preferences
- Click on the Network Icon
- Click on the broken interface.
- Click the Advanced button.
- Select TCP/IP
- Select "Off" under Configure IPv4.
- Select "OK"
- Select "Apply".
- Do steps 4 - 8 again, but replace 6 with your desired IP configuration method.
So to my question... Is there a way to achieve the same as steps 1-9 above from the command line? Ideally I would like to be able to call a bash script to do the reset.
Note: This was tested on OS X Mountain Lion and OS X Yosemite. I skipped over OS X Mavericks, hence the reason I omitted that specific tag. I have every reason this applies to Mavericks as well, but I cannot prove it.
These commands worked for me.
Shutting off IPv4:
sudo networksetup -setv4off Wi-Fi
Setting it back to DHCP:
sudo networksetup -setdhcp Wi-Fi
See the routing table and remove all the routes to your local/VPN networks, then try reconnecting to your VPN.
sudo route delete 192.168.1.0
or so :)
Maybe you're looking for networksetup? Specifically the on/off that's last in this abbreviated list with other options that may be directly useful. (Run that command without arguments to see the entire huge long list of options.)
Usage: networksetup -listnetworkserviceorder
Display services with corresponding port and device in order they are tried for connecting
to a network. An asterisk (*) denotes that a service is disabled.
Usage: networksetup -listallnetworkservices
Display list of services. An asterisk (*) denotes that a network service is disabled.
Usage: networksetup -getnetworkserviceenabled <networkservice>
Display whether a service is on or off (enabled or disabled).
Usage: networksetup -setnetworkserviceenabled <networkservice> <on off>
Set <networkservice> to either <on> or <off> (enabled or disabled).
I see this issue every time I close out of Network Connect VPN in any ungrateful manner. I used the answer provided above and acreages an alias in my /etc/profile
alias netbounce='sudo networksetup -setv4off Wi-Fi;sudo networksetup -setdhcp Wi-Fi'
Now when this happens I type netbounce at the terminal and all is right with the world.