Solved

Cisco AnyConnect VPN Management Tunnel

  • September 20, 2023
  • 5 replies
  • 74 views


Hello, we use Cisco AnyConnect 5 on our Mac systems. The one feature I've been unable to get working so far is our VPN management tunnel. We have the management tunnel configured by an XML file on our Windows systems, but I can't find any information on where exactly it should go in macOS (we're running 13.5.2) or how I can use Jamf to push this profile to make sure the management tunnel connects, even before login if possible.

Any suggestions?


AJPinto
  • Legendary Contributor
  • Answer
  • September 20, 2023

We moved off of AnyConnect 4-5 months ago. If I remember correctly, the .xml files are in /Opt/Cisco/AnyConnect/filename.xml. You should just be able to package the XML and push it from JAMF, though absolutely verify the path.

You may be able to configure everything on your ASA, and it should download all the bits on next authentication. Once it's on the device you can try to track down the exact file name.

I found this path in the link below.

Windows:  C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\MgmtTun
macOS:  /opt/cisco/anyconnect/profile/mgmttun/

Configure AnyConnect Management VPN Tunnel on ASA - Cisco


  • Author
  • New Contributor
  • September 20, 2023


Thanks!! I'll give that a try.


  • Author
  • New Contributor
  • September 20, 2023

The management tunnel is working finally!

Now I just need to figure out how to push the XML to the others using Jamf. I'm assuming it might need a package built with composer...


AJPinto
  • Legendary Contributor
  • September 20, 2023


Yep, you would toss the XML into Composer and build a package. Then upload the package to JAMF and deploy. When you need to update the file later on, repeat the process.
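A post-deployment check for the profile directory quoted in this thread, added here as an example (not code from the thread, Cisco or Jamf). It assumes the profile should be owned by root, not be group- or world-writable, and use `AnyConnectProfile` as its root element; the `<result>` wrapper assumes it is run as a Jamf extension attribute.

```shell
#!/bin/sh
# Added example: audit the AnyConnect management tunnel profile directory
# after a Jamf package deployment. PROFILE_DIR is the macOS path quoted in
# the thread; EXPECTED_OWNER=root is an assumption about the desired state.
PROFILE_DIR="${PROFILE_DIR:-/opt/cisco/anyconnect/profile/mgmttun}"
EXPECTED_OWNER="${EXPECTED_OWNER:-root}"

# Prints exactly one status word:
#   missing-dir | no-profile | bad-owner | writable | not-xml | ok
check_mgmt_profile() {
    dir=$1
    owner=$2

    [ -d "$dir" ] || { echo "missing-dir"; return 0; }

    # At least one XML profile must be present.
    count=$(find "$dir" -maxdepth 1 -type f -name '*.xml' | wc -l | tr -d ' ')
    [ "$count" -gt 0 ] || { echo "no-profile"; return 0; }

    # The directory and everything directly in it must belong to the owner.
    if [ -n "$(find "$dir" -maxdepth 1 ! -user "$owner" -print)" ]; then
        echo "bad-owner"; return 0
    fi

    # Nothing may be group- or world-writable: a user who can edit the
    # profile can change where the machine-level tunnel connects.
    if [ -n "$(find "$dir" -maxdepth 1 \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "writable"; return 0
    fi

    # Assumed root element of an AnyConnect profile; catches truncated or
    # wrong files that were packaged by mistake.
    for f in "$dir"/*.xml; do
        grep -q '<AnyConnectProfile' "$f" || { echo "not-xml"; return 0; }
    done

    echo "ok"
}

# Jamf extension attributes report their value inside <result> tags.
echo "<result>$(check_mgmt_profile "$PROFILE_DIR" "$EXPECTED_OWNER")</result>"
```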


  • New Contributor
  • June 17, 2025

Hi abrown,

I was wondering how you got your macOS to connect to the management tunnel. What is the configuration on your ASA that allowed your macOS to connect to the management tunnel? Are you using a machine cert for macOS?