Jamf Nation Community

I just found documentations on this.

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/anyconnect-mobile-devices.html#reference_8DFF414FFAA64056A3FA236B426600AE

Not sure if this answer our question. I'll test it later today.

I couldn't get the App Configuration to work. I was able to auto generate a VPN profile using a predefined URL

anyconnect://create/?name=SimpleExample&host=vpn.example.com

I created a web clip to this URL and it did auto generate the VPN profile after enabling external control (Cisco AnyConnect App, Settings, External Control --> Enabled). If only there is a way to automate this setting :(

Duh... I am over thinking this. It is as easy as creating a Configuration Profile with a VPN payload.

I have tried this in the VPN configuration and when I try to connect to the VPN in the settings I get "please install an application for cisco anyconnect to enable the vpn connection". I have the cisco anyconnect app installed so im not sure what else its asking for. Any ideas?

@jholmquist If you are using the newest version of Cisco AnyConnect (non legacy), you have to be on Jamf 10 (or at least that is what I was told by Jamf Support) as the API was broken. It won't work on 9.x.

If you are using the legacy Cisco AnyConnect app you should still be able to use the VPN Configuration profile even if you are using 9.x. We are still using the legacy Cisco AnyConnect app and VPN Config profile on 9.101.

-Dan

It seems like for the VPN payload on a Configuration Profile, the Account field is now required (I'm on Jamf 10). I guess I could just put a generic entry ("Enter Username") but was wondering if anyone had an alternate way to configure this?

I also just tried doing the above, installed AnyConnect (the non-Legacy version) through Self-Service, it took maybe 3-4 minutes for JSS to complete the "Installed App List" command. If I look at the device's Inventory page and go to Management>Configuration Profiles it show the Config Profile I created, but if I open Cisco AnyConnect it says there are no connections.

Hopefully Cisco AnyConnect will implement MDM AppConfig XML in future releases, too bad you have to first create a connection and then delete it again :-|

Did Cisco AnyConnect add support for MDM AppConfig XML in the meanwhile?

@j.meister The solution above by @EdLuo works perfectly, and can be applied post-install of the Cisco AnyConnect app... so in my brain, seems better than the AppConfig (though obviously supporting both would be nice).

@rstasel Thank you, that works perfectly!

Maybe I'm missing something, but I've deployed the latest Cisco Anyconnect app via managed distro and the VPN payload is installed, but as @el2493 mentioned above, I'm not seeing the VPN connection profile in Anyconnect, pre or post install.

How do I get the app to pull in the VPN profile?

@Dave_F it's been 3.5 years since I posted, so I don't remember specifically what I did to get it working but it is now working for me. We have an AnyConnect Profile that installs on all mobile devices, and users install AnyConnect through Self Service (we use VPP for licenses).

Regarding the Profile, I set:

*Connection Name (this could be any name)
*VPN Type: VPN
*Connection Type: Cisco AnyConnect
*Server: I entered the address of the Server, a slash, then the Group Name. So if our VPN server was school.vpn.edu and the group Name was VPN-PROD, the server would be "school.vpn.edu/VPN-PROD" (without quotation marks)
Account: [Left blank]
Group: Entered the group name [i.e. VPN-PROD]
User Authentication: Password
Password/Verify Password: [Left blank]
Provider type: Packet-tunnel
Everything else is unchecked or blank. Idle timer is "Do not connect" and Proxy setup is "None."