Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
76356
Views
90
Helpful
22
Replies

Cisco AnyConnect System Extension Blocked, No Allow Button Under Security Preferences

PaulDhamii00526
Level 1
Level 1

‎10-26-2020 07:33 AM

Dear all,


I recently installed the 'Cisco AnyConnect Secure Mobility Client' for my MacBook (OS: High Sierra 10.13.6). 

 

Multiple windows of 'System Extension Blocked' are popping up, with the information that 'A program tried to load new system extension(s) signed by Cisco.' If then prompts me to enable the extensions by going to my Security Preferences panel. However, when I go there, there is now 'Allow' button like there should be under the 'Security and Privacy' panel.

 

Can anyone please provide info as to how I can enable these extensions?

 

Thank you.

20 people had this problem
Labels:
0 Helpful
22 Replies 22

AlBoss55415
Level 1
Level 1

‎12-21-2020 05:37 PM - edited ‎12-21-2020 05:42 PM

Got it! And wow, that was gnarly.

My suspicion seems to have been correct; it must have been some sort of artifact from a previous install.

Here are the steps I followed to get rid of the problem.

  1. Make sure I have a copy of the AnyConnect v.4.9.04043 installation package handy.
  2. Download and install an evaluation copy of CleanMyMac X for OS 11 (Big Sur). The free evaluation will do the trick for this.
  3. I had no problem on my Mac with Intego Antivirus, but on the one with AVG Antivirus, that program identifies CleanMyMac as having a Windows virus, which is not the case. Workaround:
    1. Disable the antivirus file scans before copying the program into the Applications folder.
    2. Add /Applications/CleanMyMac X to the exceptions list in AVG.
    3. Re-enable the antivirus file scans.
  4. Open CleanMyMac, click Uninstall, and wait for the program to identify all the things it can uninstall.
  5. Pick CiscoAnyConnect and let CleanMyMac uninstall it.
  6. Quit CleanMyMac.
  7. Use Finder to go into the Applications/Cisco folder if it's there, and run all the Uninstall programs in there. (I had Uninstall AnyConnect and Uninstall DART in mine.)
    1. Yes, I had already uninstalled AnyConnect, but if you see any uninstall programs in /Applications/Cisco, then there are still some settings toggled on that only these programs will toggle off.
    2. No, just running the uninstall programs by themselves will not get rid of the original problem of the bogus "Allow system extension" alert. I had already tried that in the first place.
  8. Run the installation package for v.4.9.04043.
    1. As you go through the installer, there's a screen where you can uncheck whatever you don't need.
    2. In my case the VPN is the only part I needed, so I unchecked all the other options.
  9. The "Enable system extension" alert appears. That's fine, because we just installed AnyConnect so we actually do have to allow it.
  10. Go into System Preferences/Security and allow the Cisco AnyConnect extension to work.

And, thank God or whatever deity or deities you believe in, that seems to have worked. I have launched AnyConnect, connected, quit, rebooted, relaunched, reconnected, and quit, and so far I have not seen that pesky alert any more.

Dear Cisco: Since I have figured out the solution for you, and documented it, please comp me a wireless mesh network for home.

0 Helpful

Bobbsie18
Level 1
Level 1
In response to AlBoss55415

‎12-22-2020 05:35 AM

That did not work for me
I no longer actually need AnyConnect as my institution now favors Citrix VPN

So I ran Clean My Mac
It removed the Cisco folder from applications (so I no longer have the uninstaller)
Clean my Mac cannot find any vestige of Cisco left BUT I still get that dumb pop up about authorizing Cisco security blah blah
I prowled through my system Library, checked Applicaton Support and such, could not find the Cisco Security thing
Something is sitting somewhere

Come on Cisco, give us a safe uninstaller to remove it


Barbara N. Passman LCSW, ACSW
Senior Social Worker
Adult Services
UCMedicine
Room M136,|Mail Code 1098
5841 S. Maryland Avenue|Chicago,IL 60637
Office 773 702 1810
Facsiimile 773 926 0589
Internal Pager 7619
MOBILE 773 726 4058
AT THE FOREFRONT OF MEDICINE(r)
http://www.uchospitals.edu
http://www.uchicagokidshospital.org
http://www.facebook.com/UChicagoMed
Twitter: @UChicagoMed




0 Helpful

SijungYang36619
Level 1
Level 1
In response to Bobbsie18

‎01-06-2021 12:53 AM

I got suffered from the same problem, but somehow found the way to solve it.

 

Basically I followed the method described here:

https://community.cisco.com/t5/vpn/how-to-uninstall-any-connect-from-my-imac/td-p/2562866

 

Instead of using 'su' on terminal, you have to use sudo in front of 'sh', since recent macOS blocked 'su' commands.

so in Terminal, you have to :

1. cd /opt/cisco/anyconnect/bin

2. ls (to see if there's a vpn_uninstall.sh file)

3. If there is, then run the following command: (this command will ask you type in your mac passwords)

  • sudo sh vpn_uninstall.sh

4.You'll get this confirmation message in the Terminal:

  • Successfully removed Cisco AnyConnect Secure Mobility Client from the system.

and Restart, Voila!, that annoying popup was gone for me. Hope it would work for you too.

TitoMartinho9261
Level 1
Level 1
In response to SijungYang36619

‎01-06-2021 02:51 AM

Thank you. It worked for me.

0 Helpful

gunderwood@bedfordcountyva.gov
Level 1
Level 1

‎02-15-2021 08:31 AM

Cisco AnyConnect v4.9.06037 fixes the issue (or some update post v4.9.00086).  I am running Big Sur 11.2.1.  I upgraded AnyConnect from 4.9.00086 to 4.9.06037 and was prompted for the Extension allow.  Now systemextensionsctl list shows the extension being allowed whereas under 4.9.00086 it was not.

MartinGregory
Level 1
Level 1
In response to gunderwood@bedfordcountyva.gov

‎02-18-2021 07:20 PM

Where were you able to get v.9.06037 from?

 

I've only been able to find a v8.x

0 Helpful

AlBoss55415
Level 1
Level 1
In response to MartinGregory

‎02-18-2021 09:31 PM

Generally, it comes along with the licensed Cisco hardware and software your employer uses. Your IT network staff have a special account they can use to get a copy for you. Most of them configure it some before they pass it along, so that when you install it, it’s set up right for your organization. 

After gunderwood mentioned the newer version, I asked our network engineers to get it for me, and they had it available later that day. 

0 Helpful

TERRY GRACE
Level 1
Level 1

‎03-13-2021 04:45 PM

Found this elsewhere

Restart/Power on your Mac (Apple > Restart / Shut Down).
Recovery Mode: Hold down Command-R until the Mac logo appears 
Wait for OS X to boot into the OS X Utilities window.
Choose Utilities > Terminal.
Enter "csrutil disable."
Enter Restart.

Reauthorize extensions as prompted.
Reboot.
Test and verify.

0 Helpful
Customers Also Viewed These Support Documents