Download Cisco Secure Client 5

[Yvone Samiento]

AsCisco is phasing out just Umbrella we have to create a package using their secure client instead. Whilst I have followed the instructions here ( -umbrella/docs/customize-macos-anyconnect-installation#prerequis...) to customise the installation on a single machine, I have been completely unsuccessful is creating a package from the customisation.

Has anyone done this and if so could they share what they did? It does not help when the help documents refer to the product as anyconnect still, and some of the documents online I did find about building a package in Composer refer to xml files which do not exist in the updated secure client...so I am stuck on this.

Some of the documentation relates to anyconnect and refers to profile xml - the cisco secure documentation which in theory is updated (but still calls it anyconnect) is the one I referenced above and it works on a single installation but I cannot get a package created from it thus I cannot deploy it.

4 - I created a policy which installs that package (so all it does is basically create the folder and copy the contents into it) and also on that policy I have two scripts. The first runs the installer command shown on the Cisco page, but from that folder:

5 - This policy is set to run based on a smart group which computers are only added to once they have a configuration file installed which permits the applications to run in the background etc. via extension kernel (this is also referenced on that Cisco page)

Recently gone through the same steps for some reason I'm still not able to get it to deploy properly the package say successfully deployed however I don't see cisco in application I also did get an error on the script path

Is it possible to see the layout of #3? I have had success previously with just VPN but bundling with Umbrella now having issue getting the Umbrella Service turn active. I have the Json in right area but I think the issue for me is how its being packaged in composer. Once I run it through Jamf doesnt work. Any help would be great.

So I ended up figuring out the issue this morning, going to say it here just incase someone else runs into issue. Cisco wouldnt show up in login items and oddly that was keeping umbrella from going active. There's a link I found in here to help

Edit the choices XML and package it, and any other files you need (vpn profile xml, umbrella json etc) with composer this creates your "support files", install this pkg to a temp directory in the policy. in the same policy CACHE the secure client PKG installer, and then use a script to run the install and any file ops you need. here is what my script looks like.

I've been trying to get this to work for weeks and I've succumbed to a slipshod method that works but only if I manually run sudo jamf policy on every device, which is less than ideal. I've followed @wolfhead's method more or less and I continually get the following error:

I believe I have set the proper permissions in Composer, so I am not sure what is broken here. When I run sudo jamf policy, the pkg downloads; however, I still see the above message in the Logs even though the pkg downloads on the device. My script looks like this:

I am wondering if this actually any issue with DUO Desktop. First off, I don't even want DUO, but it seems to be included with the Cisco Secure Client PKG. When I run sudo jamf policy, the first thing that appears to download is the DUO Desktop App. I see DUO needs a cert... could that potentially be the issue? I'm clutching at straws here...

SO, after hours of sleuthing, I found the issue. The Secure Client PKG I am using packages Duo Desktop along with it. The installation errors were occurring due to cert I didn't for DUO not the Secure Client... SUPER ANNOYING. And none of Cisco's documentation mentioned anything about needing a cert for DUO, which is hilarious because I don't even need DUO in the first place... Anyways, if anyone comes across this issue, follow the instructions here to create and push out the config for DUO before installing the Cisco Secure Client: =en_US

Jamf's purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. Learn about Jamf.

This site contains User Content submitted by Jamf Nation community members. Jamf does not review User Content submitted by members or other third parties before it is posted. All content on Jamf Nation is for informational purposes only. Information and posts may be out of date when you view them. Jamf is not responsible for, nor assumes any liability for any User Content or other third-party content appearing on Jamf Nation.

we are using cisco anyconnect with ise posture module, umbrella and AMP module, now we want to upgrade to cisco secure client, i have been researching and it seems like it does not have the AMP enabler module, only available for MAC. how can we upgrade so that AMP module appears,

I have not used SecureX to deploy, but you can push the Secure Endpoint updates separately from the AMP / Secure Endpoint cloud console. As long as the version you push is 8.0+ and your Secure Client is 5.0+, it will integrate automatically as a module/tile in your Secure Client software.

Now, with Secure Client, you gain improved secure remote access, a suite of modular security services, and a path for enabling Zero Trust Network Access (ZTNA) across the distributed network. The newest capability is in Secure Endpoint as a new module within the unified endpoint agent framework. Now you can harness Endpoint Detection & Response (EDR) from within Secure Client. You no longer need to deploy and manage Secure Client and Secure Endpoint as separate agents, making management more effortless on the backend.

Within Device Insights, Secure Client lets you deploy, update, and manage your agents from a new cloud management system inside SecureX. If you choose to use cloud management, Secure Client policy and deployment configuration are done in the Insights section of Cisco SecureX. Powerful visibility capabilities in SecureX Device Insights show which endpoints have Secure Client installed in addition to what module versions and profiles they are using.

The emphasis on interoperability of endpoint security agents helps provide the much-needed visibility and simplification across multiple Cisco security solutions while simultaneously reducing the complexity of managing multiple endpoints and agents. Application and data visibility is one of the top ways Secure Client can be an important part of an effective security resilience strategy.

We are not sure what specific issue you are referring to. The last round of issues were resolved by a macOS update and we also put in a workaround from our side. Please reach out to ac-mobile...@cisco.com if you need help with something still not functioning properly with current Secure Client and macOS versions.

I like that the Secure Clients are converging, but multiple UI versions, 4.1 for AnyConnect and 5.0 for SecureEndpoint are not working together well for the user. I can find no supporting information on this.

Cisco doesn't launch from rofi like typically, instead I can get it to launch through cmdline running vpnui, however although it no longer has the original issue it says I am missing required libraries to authenticate

(

I followed the steps correctly, the only difference was I had to change the location of the since my vpnui is located in /opt/cisco/secureclient/bin/vpnui not /opt/csico/anyconnect/... but the issue I get "You are missing the required libraries for the authentication method you requested". It shows however the different groups I can select for my university, (staff, student, external). Anyone know how to fix this?

I had this problem and solved it with the steps above, and everything was working normally until today. Now when I press connect in Cisco secure client I get a message in the bottom of the app that says Establishing VPN session... and then nothing for about a minute when it times out with the message Cisco secure client was not able to establish a connection to the specified secure gateway. Pleas try connecting again

The Gatorlink VPN service provides secure remote access to the University of Florida network and makes it appear as if your computer were physically attached to the campus network. By using the Gatorlink VPN client, you may access resources on the UF network that are not typically available over an Internet path. These may include:

The Gatorlink VPN service is based primarily on th Cisco Secure VPN client. This client supports a wide range of operating systems including Windows ,Mac, Linux, Apple IOS and Android. It is based on SSL transport rather than IPsec which was supported by the older client. Cisco Secure VPN will also work on networks which use heavy firewalling and/or network address translation. Features include auto-update and auto-policy synchronization which eliminate the need to update the client manually.

Once you install the client, you will automatically be updated when a new client is available. The client is SSL based and supports the full gatorlink VPN tunnel feature set including campus-only tunnels as well as departmental VPNs. It is not a Java based client, and does not require Java. In addition to the Cisco Secure VPN client, the UF Gatorlink VPN service also supports legacy L2TP over IPsec clients which are built into many popular operating systems.

The latest Cisco Secure VPN client may be downloaded from the Cisco Secure VPN Download Site. The client will require a minor amount of configuration the first time you install it. See the configuration guides for more information. Clients for Apple IOS and Android are available through their respective App Stores.

3a8082e126