Jamf Nation Community

jameson · ‎11-19-2020

So have the cisco anyconnect documentation for Big sur here

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/upgrade/AnyConnect_macOS_BigSur_Advisory.pdf

I am running Anyconnect client anyconnect-macos-4.9.04043 - so that is a supported version for Big Sur

I have the config profiles, but the socket filter still prompts for manual approval and in jamf there is no webfiltercontent config profile to create.

Any one solved this for the webfiltercontent part ?

abnaau · ‎11-19-2020

This was rather complicated but it solved it for us:
https://www.jamf.com/jamf-nation/discussions/36637/cisco-vpn-anyconnect#responseChild209153

jameson · ‎11-20-2020

I did the signing of the mobileconfig file with our apple developer cert (like always) - but if I look in the config profile it stands as unverified. But this is then something with signing or ?
I have checked the mobileconfig and it is signed and also when uploaded to jamf, it is rapported as signed

patgmac · ‎11-20-2020

@jameson Which cert did you use to sign the profile? If you used a self-signed cert, it's not going to be trusted on other systems. If your goal is only to allow it to be uploaded to Jamf without Jamf messing with it, then that's fine, ignore the verified status.

If you do want it to show as trusted, you either need to use a cert generated by your Jamf server (PKI section, trusted by any device enrolled in your Jamf server), or using an Apple developer cert (preferred because it has a longer expiration).

Jamf Nation Community

Cisco Anyconnect - big Sur -