Meraki

Community

Cisco Umbrella + Cisco AnyConnect on macOS 12.2+

AnthonyI
Getting noticed
‎Apr 15 2022 6:42 AM
‎Apr 15 2022 6:42 AM

Cisco Umbrella + Cisco AnyConnect on macOS 12.2+

Hello Meraki Community,

 

We're pushing Cisco AMP, AnyConnect, and Umbrella to our macOS users that register their devices to Meraki SM. In some cases, these users are unable to connect to internal networks residing on the VPN, or their internet traffic is super slow altogether.

 

One of the fix actions we've come up with is to uninstall Umbrella. When we do that, the issue goes away. Here are some notes about our setup.

 

Only affecting macOS 12.2+ users that have the following installed:

- Cisco Umbrella Roaming Client 3.0.5

- Cisco AnyConnect 4.10

- Cisco AMP (SecureX) 1.16.2.853

 

It appears that the AnyConnect installer that has the Umbrella enabler/module in it by default is conflicting with the Umbrella Roaming Client. Is there any way to include the Umbrella configuration directly into our AnyConnect installer on macOS?

Labels:
0 Kudos
4 Replies 4
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Apr 15 2022 11:43 AM
‎Apr 15 2022 11:43 AM

You should definitely be skipping the Roaming Client (for several reasons) if you've got Anyconnect in place.

 

The easiest option to get the config onto your clients is packaging Anyconnect together with the OrgInfo.json that can be downloaded on the Umbrella Dashboard via "Deployments > Roaming Computers > Roaming Client > Download Module Profile".

It has be installed to /opt/cisco/anyconnect/Umbrella/. Further information can be found on https://docs.umbrella.com/deployment-umbrella/docs/configure-the-orginfojson-file

 

Soon(ish), you'll be able to use Cisco Secure Client where also AMP is integrated into the client currently still known as "Anyconnect".

In response to CptnCrnch
AnthonyI
Getting noticed
‎Apr 15 2022 12:24 PM
‎Apr 15 2022 12:24 PM

Thanks. I did get the OrgInfo.json file -- now the challenge is to embed/include it with the .dmg install file that is pushed to our users through Meraki Systems Manager. Do you know of any way to achieve that?

0 Kudos
In response to AnthonyI
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Apr 15 2022 12:30 PM
‎Apr 15 2022 12:30 PM

Like this? https://support.umbrella.com/hc/en-us/articles/4403499386132-Deploying-Anyconnect-with-only-Umbrella...

In response to CptnCrnch
AnthonyI
Getting noticed
‎Apr 15 2022 12:32 PM
‎Apr 15 2022 12:32 PM

Looks like exactly what I'm looking for. Thank you so much!

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.