Skip to main content

We’ve come across an issue with Cisco AnyConnect where the connection option we use (called client_installed_local) appears fine on Intel Macs, but does not appear at all using the same version of AnyConnect on M1 Macs. We’re using AnyConnect 4.10.04071.

How our setup should work:

  • User connects to the VPN server
  • User is then prompted to choose options for connecting. Client_installed_local is the first option, and what the user will be choosing.
  • This then kicks the user over to Azure MFA authentication.
  • Once authenticated via Azure, the VPN connects

Other facts:

  • The installer package is the webdeploy core vpn package, pulled from the predeploy package. I have been told we don’t need anything else.
  • Our previous versions all used the webdeploy package. There is nothing special about these that I can see.
  • Tested on macOS 12 and 13 on both the M1 and Intel sides
    • Older versions ran on everything from 10.14 up to 11 without issue on Intels

Here’s what I’ve tried:

We can't be the only group be having this issue. What are we doing wrong? What are we missing? What about Apple Silicon makes this not work? Is the app sandboxed in a way that the Intel app wouldn’t have been? Is there something I should be doing to the Installer package? I don’t think I need to wrap a certificate in it, but honestly I’ll take whatever dark magic I can get to make this work.

Out of interest any reason why you're not running the latest version of AnyConnect (4.10.06079)?


Out of interest any reason why you're not running the latest version of AnyConnect (4.10.06079)?


The short answer is because networking hasn't updated the package. I'll relay this to them and see if it makes a difference.