Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15762
Views
6
Helpful
4
Replies

Cisco AnyConnect Auto Update

Go to solution
Ricky Sandhu
Level 3
Level 3

‎02-02-2021 04:54 PM

Hey everyone, I've been looking all over for this but can't seem to find it on any guides, websites etc.

The Auto Update feature on Cisco Anyconnect VPN Profile (Preferences Part 1), how does it work?  Does it look into the flash to see if there is a newer version of the Anyconnect webdeploy....pkg file?  

 

Reason I am asking, I have Auto Update disabled globally on all my ASAs as I've run into issues with users that don't have admin rights on their laptops.  However now I am trying to push the Umbrella Roaming module and I believe it needs the Auto Update to be enabled.  My plan is to remove all other webdeploy.pkg version from the flash and leave the one that we have running on 99.9% of the laptops out there.  In this case, Auto Update won't want to update the clients since it's the same version.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-02-2021 08:08 PM - edited ‎02-03-2021 10:41 AM

AnyConnect auto update checks the version that is provided by the client software as part of the connection process. If the version doesn't match the one specified in your ASA then the update is attempted. An AnyConnect version update should not require admin rights on the end user machine if an earlier version of AnyConnect is already installed.

If you deploy a newer version outside the ASA-based process (say with manual install, SCCM etc.) it will continue to work fine with any ASA having an earlier release.

View solution in original post

4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-02-2021 08:08 PM - edited ‎02-03-2021 10:41 AM

AnyConnect auto update checks the version that is provided by the client software as part of the connection process. If the version doesn't match the one specified in your ASA then the update is attempted. An AnyConnect version update should not require admin rights on the end user machine if an earlier version of AnyConnect is already installed.

If you deploy a newer version outside the ASA-based process (say with manual install, SCCM etc.) it will continue to work fine with any ASA having an earlier release.

Go to solution
domac385
Level 1
Level 1
In response to Marvin Rhoads

‎11-23-2021 12:32 AM

Hi @Marvin Rhoads,

 

Can you point to the part of the official Cisco documentation that says this? I was trying to find it in the documentation, but no luck. We have Anyconnect client installed on the user computers (different versions - from 4.6 to 4.10) and would like to put on ASA 4.10 version but not sure what to expect according to admin rights on the user computers. Most users don't have admin rights and we don't want to have a problem with auto-update to break the Anyconnect on many computers at once.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to domac385

‎11-23-2021 12:50 AM

@domac385  I don't have a published reference- I believe it was covered in a Cisco partner training session.

You can certainly test if yourself to confirm.

0 Helpful

Go to solution
Ricky Sandhu
Level 3
Level 3

‎02-03-2021 10:39 AM

Marvin, this is great. Thank you for clarifying.  

0 Helpful
Customers Also Viewed These Support Documents