I have had a problem with Cisco AnyConnect mobility client not connecting to a certain VPN, so here are the details of my issue:
I have recently had my laptop upgraded from a Windows machine to a MacBook Pro 13 running MacOS Mojave. I used to connect to the VPN of a client using Cisco AnyConnect Mobility Client, but changing my machine, it refuses to connect. At first, I was presented with an error message saying that no antivirus program was installed on my machine, so I installed Symantec Endpoint Protection (SEP) -the same antivirus that was installed on my windows machine. Since then, no matter what I do, when I try to connect, I'm presented with an error message saying "Dear *client's name* Vendor session is terminated because your Antivirus service is disabled" even though it's working just fine. I tried updating the antivirus definition, and uninstalling then reinstalling both AnyConnect and SEP, but nothing changed. I also tried connecting from a colleague's Mac (running MacOS High Sierra if that's relevant) and the connection was successful. I'm not sure if it's an OS thing or what.
This issue has been frustrating me for the past week or so, so any help is greatly appreciated.
Thanks in advance
There are some specific caveats with AnyConnect and macOS High Sierra and above:
It could also be the headend has an older version of hostscan (the bit that checks for your endpoint AV - related to but separate from the AnyConnect version). Support for macOS with Symantec Endpoint Protection was only added in hostscan 4.3.05033
@Marvin Rhoads Thanks for your reply. I'm not sure I understand your second point, but I have AnyConnect version 4.6-something so, newer than the version you were talking about. Do you mean that client I'm working with could have an older version?
Also, about the issue related to High Sierra and above, my colleague had High Sierra on his machine, and it connected just fine there.
Your colleague's Mac may have had the recommended High Sierra changes made already.
Regarding hostscan, that's something you'd have to ask the ASA administrator about. The hostscan software and version is separate from the Anyconnect software and version.
Is it a hostscan aka ASA posture?
Or is it a System scan aka ISE posture?
Is there a System Scan window in the client?