Cisco Anyconnect - big Sur -

jameson
Contributor II

So have the cisco anyconnect documentation for Big sur here

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/upgrade/AnyConnect_macOS_BigSur_Advisory.pdf

I am running Anyconnect client anyconnect-macos-4.9.04043 - so that is a supported version for Big Sur

I have the config profiles, but the socket filter still prompts for manual approval and in jamf there is no webfiltercontent config profile to create.

Any one solved this for the webfiltercontent part ?

87ebe81711ec43e39af4fdc22cf2f11a

f04b483ebb5343d2a19ba3b248a975b4

3 REPLIES 3

abnaau
New Contributor III

This was rather complicated but it solved it for us:
https://www.jamf.com/jamf-nation/discussions/36637/cisco-vpn-anyconnect#responseChild209153

jameson
Contributor II

I did the signing of the mobileconfig file with our apple developer cert (like always) - but if I look in the config profile it stands as unverified. But this is then something with signing or ?
I have checked the mobileconfig and it is signed and also when uploaded to jamf, it is rapported as signed

patgmac
Contributor III

@jameson Which cert did you use to sign the profile? If you used a self-signed cert, it's not going to be trusted on other systems. If your goal is only to allow it to be uploaded to Jamf without Jamf messing with it, then that's fine, ignore the verified status.

If you do want it to show as trusted, you either need to use a cert generated by your Jamf server (PKI section, trusted by any device enrolled in your Jamf server), or using an Apple developer cert (preferred because it has a longer expiration).