Posted on 01-28-2021 10:17 AM
I am running into an issue with Cisco AnyConnect version 4.9.04043 installed on macOS Catalina computers that are going to upgrade to Big Sur. The upgrade works fine but after the first logon, Cisco AnyConnect displays the attached message about a blocked system extension. I have tried to use a Configuration Profile without any success.
While searching the JAMF Nation forums, I found a link to this page: SYSTEM EXTENSION : HOW TO IDENTIFY ON MACOS, CREATE A CONFIGURATION PROFILE, A PPPC PAYLOAD, & DEPLO...
On that page is this:
"Very important to remember that the configuration profile must be deployed to & present on the end user / target machine prior to the client / application installation (in this example, Symantec) & the system extension(s) installation. If the configuration profile is not successfully deployed prior, the end user / target machine will still be prompted to manually allow the System Extension(s)."
Does this mean that since AnyConnect is already installed before the Configuration Profile that I am stuck with users having to manually approve on their own?
thanks!
-steve
07-19-2021 09:02 PM - edited 07-19-2021 09:06 PM
Hi Steve,
Had the same issue as we pushed it out before the config profiles had come down.
I noticed that on Big Sur 11.1 that if the config profile was pushed out after the app it would never accept (Allow) the Web Content Filter. However, with my experience on 11.4 that seems to have changed. This applies to System Extensions too but if I now push out the app first and the config profile after, it takes a few minutes but it seems to accept it in the background as you would normally expect from a config profile and the option to Allow disappears under Security and Privacy.
Hope that helps! 🙂