11-12-2014 07:45 AM - edited 03-05-2019 12:09 AM
Hallo,
Do you anybody know how to disable/turn off "Checking for product update" during _every_ connecting Cisco Anyconnect Secure Mobility Client (VPN) to remote sites?
I found it may by possible on the ASA side, but I need to disable it on the client (computer). I can see that checking is NOT during connecting to my company site, but when connecting to ANY OTHER site everytime is new version checked. It takes some time ... and I need to switch between VPN often.
Thank you for your help!
Regards, Ondrej
11-12-2014 10:46 AM
You should be able to do this in the AnyConnect local policy. Just add (or edit, if you already have a local policy file) the following to the local policy file:
<!--?xml version="1.0" encoding="UTF-8"?--> <anyconnectlocalpolicy acversion="2.4.140" xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemalocation="http://schemas.xmlsoap.org/encoding/ AnyConnectLocalPolicy.xsd"> <BypassDownloader>true</BypassDownloader> </AnyConnectLocalPolicy>
The local policy file can be found here:
Windows Vista/7/8: C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\AnyConnectLocalPolicy.xml
Linux/Mac: /opt/cisco/anyconnect/AnyConnectLocalPolicy.xml
See the Enabling FIPS and Additional Security in the Local Policy section of the Cisco AnyConnect Secure Mobility Client Administrator Guide, Release 3.1 for more details.
03-30-2016 01:04 PM
Hello there --
This may be a silly question but will updating the local policy keep the software from installing the Start before login module? I have a user that I removed and reinstalled the Cisco Anyconnect Secure Mobility Client and vpn did not encounter any issues until (it appears) that module was added.
03-30-2016 01:05 PM
Alas, I have no experience using the start before login module, so I can't say for certain. If you're installing it manually, I imagine that there would be no interference. If it's somehow being installed automatically, then this policy might well prevent that from working properly.
03-30-2016 01:23 PM
Thank you, Jody. It is an old thread so I wasn't sure that I would get a response. I am going to give it a try and see if that is the case.
04-08-2016 05:58 AM
Hi Jody --
Thank you...that did the trick for my user! :)
09-18-2016 05:13 PM
This is correct, however, on a Mac the next step you need to take is to remove this application from your Login items, found at System Preferences > Users > Login Items.
11-28-2017 07:55 AM
05-02-2017 11:10 AM
CLI
Modify XML AnyConnect Client Profile as follows:
<AutoUpdate UserControllable="false">false</AutoUpdate>
ASDM
1. Navigate to:
Configuration --> Remote Access VPN --> Network (Client) Access --> AnyConnect Customization/Localization --> AnyConnect Client Profile -->
2.Select Profile Name
"Profile Name" --> VPN --> Preferences (Part 1)
3. Uncheck "Auto Update"
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: