Meraki

Community

AnyConnect and Windows startup folder

MicahBackwater
Conversationalist
‎Apr 27 2022 7:54 AM
‎Apr 27 2022 7:54 AM

AnyConnect and Windows startup folder

We are in the process of rolling out AnyConnect as a VPN solution for our organization (1000+ users). We would like a way to suppress the AnyConnect client from being added to the Windows startup folder on install, if possible. If we push the client out to our users, even in a staged rollout, then our helpdesk will be inundated with calls no matter how much communication we push out about the change. There doesn't appear to be any options in the VPN Profile Editor that will control this feature. Is there some way to install the client without adding it to the Windows startup folder? If not, what is the best option to disable/remove it from the folder after-the-fact for 1000+ devices (most of them remote)? Thanks!

 

 

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 27 2022 1:51 PM
‎Apr 27 2022 1:51 PM

AnyConnect doesn't pop up or present anything to the user when it starts up.  It just appears in the system tray in the bottom right-hand corner.  This is assuming you aren't running it in auto-connect mode, which you would have to enable in a profile since it is off by default.

0 Kudos
MicahBackwater
Conversationalist
‎May 5 2022 7:40 AM
‎May 5 2022 7:40 AM

I thought about that, and just double-checked the profile. "Auto-reconnect" is selected, but "Always On" is not. We're also having an issue where the VPN will not disconnect on Trusted networks, but that isn't as pressing at the moment. Here's screen shots of the screens for preferences 1/2.anyconnect preferences 02.PNGanyconnect preferences 01.PNG

0 Kudos
In response to MicahBackwater
MicahBackwater
Conversationalist
‎May 5 2022 7:45 AM
‎May 5 2022 7:45 AM

It seems that when the AnyConnect client is installed, it is automatically added to the Windows Startup folder. This in turn causes the app to pop up on the screen, which is likely to confuse our user base and generate an avalanche of phone calls to the helpdesk. Hoping to find a way to avoid this and have an actually silent install for once 😀

0 Kudos
In response to MicahBackwater
CptnCrnch
Kind of a big deal
Kind of a big deal
‎May 5 2022 1:08 PM
‎May 5 2022 1:08 PM

So basically what you're trying to achieve is a completely "silent" Anyconnect implementation? I'm pretty sure that this is a feature request to the Anyconnect BU itself and nothing that Meraki could do anything about it.

In response to CptnCrnch
MicahBackwater
Conversationalist
‎May 6 2022 9:02 AM
‎May 6 2022 9:02 AM

Eh, not exactly. We want to deploy to existing users via SCCM, but we don't want the AnyConnect client window popping up the next time the user logs into Windows. For new users, the laptops should be pre-imaged with the AnyConnect software, and the users will utilize start-before-login to connect to the domain before logging into Windows and resetting their password. At least, this is how we would like for it to work. If this can even be done is a mystery at this point.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.