I've used Cisco's documentation:
for guidance but I cannot get this socket filter to work correctly. It remains inactive, hence VPN tunnel can't be established.
Here is my configuration profile that should allow it but it's not:
What am I doing wrong?
Did you approved the system extension? You need two different profiles (or one profile with two payloads) for Cisco AnyConnect. Also you need to pre-approve the system extension before you install Cisco AnyConnect.
Here we deploy two configuration profiles:
Follow instructions here: AnyConnect macOS 11 Big Sur Advisory
...and yes, I'm painfully aware that the payload comes before the install. Hence my frustration with it since I have to remove the package, remove the payload and restart the machine when testing any changes to make sure the new payload is in place before I do the install.