02-10-2017 07:52 AM - edited 02-21-2020 09:09 PM
Hi All,
We are deploying AnyConnect with a profile including the connection URLs. Has anyone achieved this using GPO and if so how? Alternatively SCCM is another method we could potentially use however that is not yet in production.
Thanks
02-10-2017 10:59 AM
I have seen SCCM installations, not GPO deployments unfortunately. For SCCM, the following script works to install and copy the profile to the right location.
msiexec /package anyconnect-win-<version>-pre-deploy-k9.msi /norestart /passive /lvx*
anyconnect-win-<version>-pre-deploy-k9-install-datetimestamp.log
XCopy /Y /F /C /E "\\<SCCM XML File Location>" "c:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\"
The MSI file is present inside the .pkg file uploaded to the ASA, you would have to unzip it using 7zip or winzip.
02-10-2017 07:52 PM
Adding to Rahul's correct response, the XML file is where the connection URLs (aka ServerList) is stored.
You create it using with the Profile Editor built into ASDM or the standalone VPN Profile Editor (available on the AnyConnect download page).
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect44/administration/guide/b_AnyConnect_Administrator_Guide_4-4/anyconnect-profile-editor.pdf
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide