08-08-2019 09:21 AM - edited 02-21-2020 09:43 PM
With GDPR and all that I want to disable Customer Experience Feedback. I have followed the guide with creating a 'Feedback Service Profile' here and disabled Customer Service Feedback Service and disabled Include Crash Report and applied it to the AnyConnect group policy.
I also have an AnyConnect VPN Profile to configure the primary and backup VPN hosts and a few other bits. I know the AnyConnect VPN profile is working as I can see in the client the profile name and can also see the AnyConnect-Profile.xml file I created in the ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile folder.
How do I verify the CEF profile is active as I can't find the 'disable-feedback.fsp' file that I created on the ASA anywhere on the PC and there doesn't appear to be a notification of this in the AnyConnect client?
The about dialogue says the installed modules are VPN and Customer Experience Feedback.
This is purely for Windows clients and I am using the latest AnyConnect client (4.7.04056) and the latest ASA code (9.12.(2)4).
Andy
08-08-2019 09:41 AM
I think this is a bug... I have worked out that the file \ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\CustomerExperienceFeedback\CustomerExperience_Feedback.xml gets overwritten by the .fsp file on the ASA (in my case disable-feedback.fsp). However with 9.12(2)4 and ASDM 7.12(2) the file it creates is a copy of the anyconnect-profile.xml file and this overwrites the local file on the PC.
I created a new Feedback Service Profile on an ASA5505 I have running 9.2(4)33 and ASDM 7.12(1) and then imported this to the ASA5512-X. Now the \ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\CustomerExperienceFeedback\CustomerExperience_Feedback.xml file looks correct:
<?xml version="1.0" encoding="UTF-8"?>
<Feedback>
<ServiceDisable>true</ServiceDisable>
<IncludeCrashReport>false</IncludeCrashReport>
<CustomerID>YOUR NAME HERE</CustomerID>
</Feedback>
And I can see in the client about dialogue the installed modules now excludes 'Customer Experience Feedback'
Cheers
Andy
09-10-2019 11:22 AM
Hi Andy,
Seems it works as intended on 9.12.(2) no interim, so probably a bug. I'm thinking to deploy the recommended release 9.8.4 and test this too as I wasn't even aware Cisco had deployed this spyware into the Anyconnect Client.
Cheers,
Matt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide