Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
63229
Views
50
Helpful
26
Replies

OSX: "Cisco Anyconnect" pop-ups freezes my laptop.

sabh087222
Level 1
Level 1

‎11-27-2020 06:17 AM

I tied to install Cisco Anyconnect Secure Mobility Client on my MacBook Air. After I tried to setup, it said 'installation failed'. Then I simply deleted the application, emptied the trash, and restarted. However, there is a Cisco pop-up now which keeps coming up all the time, which is freezing my desktop and ability to work. It just keeps popping all the time....

 

Screenshot below. It says "The VPN client agent was unable to create the client DNS plugin manager. A system restart may be required after the system extension approval, as prompted' This pop-up is not going away even though I cannot find any remains of the Cisco software on my hard drive.

 

How can I stop this? Please help.

Thanks so much!

Screen Shot 2020-11-27 at 15.59.06.png

17 people had this problem
26 Replies 26

xdc
Level 1
Level 1
In response to xdc

‎04-25-2021 04:34 AM

stopped working. 

0 Helpful

mmmmmmina
Level 1
Level 1

‎02-22-2021 03:45 PM

Okay so this is pop-up is quite annoying, and I have been unable to resolve this for 2 days. 

I just bought a brand new laptop, and Anyconnect Cisco downloaded onto it form my backup. 

I dont use it much, I only downloaded it to access a university software lisence shortly, but I no longer use it. 

I deleted annyconnect and any other app related to VPN, emptied the trash and the **bleep** popup wont go. I cant open a finder window normally or shut down my laptop without forcing it to as the Finder window wont quit. 

 

How can i get rid of this?? Someone help!

0 Helpful

trconner
Cisco Employee
Cisco Employee

‎03-05-2021 01:08 PM

The Problem

There is an issue with the way MacOS handles security for its kext files / folders. Anyconnect cant complete the installation properly because the correct "permissions" are missing from the folders in question.

 

The Solution

The Mac device will need to be booted into recovery mode. This can be done by shutting down the Mac and then powering it back on with "cmd + r + pwr button". Release these keys once the loader bar appears on the screen. Once Mac has booted up, navigate to the Menu Bar, find Terminal and execute these 2 commands.

 

(If the user / admin has renamed the HDD from Macintosh HD, you will need to change it in the syntax)

chflags restricted /Volumes/Macintosh\ HD/private/var/db/KernelExtensionManagement
chflags restricted /Volumes/Macintosh\ HD/private/var/db/KernelExtensionManagement/Staging

 

After this, reboot the Mac and attempt a connection to the headend.

 

Hope this help!

cdschaeffer
Level 1
Level 1
In response to trconner

‎03-05-2021 01:26 PM

Thanks trconner, this worked!

0 Helpful

PhilipMSaunders
Level 1
Level 1
In response to trconner

‎03-19-2021 02:51 PM

This did not work on either of two Macs on which I tried it. The commands in the context of Recovery mode yield "No such file or directory." since the /private directory has the hidden flag set, and attempting to set it to nohidden yields "Read-only file system."

(The two Macs are (1) my own support Mac, and (2) the one belonging to my customer who is having this problem at present.

0 Helpful

xdc
Level 1
Level 1
In response to trconner

‎04-25-2021 05:10 AM

Hi @trconner 

 

I got the error message "no such file or directory" in Terminal when both times when entering from recovery mode. Could you please help? The initial method by blocking updates stopped working because apparently cisco now requires the updates to work and refuses to connect if they don't. 

 

please instruct how to proceed. 

 

Thank you

 

---

 

Intel i7, 10.14.6 Mojave

0 Helpful

andy123harris
Level 1
Level 1
In response to trconner

‎04-29-2021 08:51 AM

Worked for me, too (Mojave 10.14.6).  Maybe others are having a problem with SIP, or commands not running as root (perhaps try prefacing with "sudo" to force it)?

0 Helpful

Jacob Yang
Level 1
Level 1
In response to trconner

‎06-11-2021 04:14 AM

I encountered the same problem on a MacBookPro. The MacOS was Big Sur. And previously AnyConnect 4.9.01095 was installed and then whole application was removed before the problem appeared. 
 
Based on discussion in this forum, I tried to use chflags command in the recovery mode only to find there is no Staging directory under the KernelExtensionManagement. After rebooting, the problem remained. 
 
I found out the file /opt/cisco/anyconnect/AnyConnectLocalPolicy.xml, and changed <BypassDownloader>false</BypassDownloader> to true.
 
I rebooted the machine, and the problem remained.
 
Then I downloaded an older version of Cisco AnyConnect 4.4.00243. tried to install it,only to encounter an error saying a version of AnyConnect was been installed already, installer couldn't proceed. 
 
I tried to use chflags in normal mode in terminal. This time I found Staging directory there and successfully executed the following 2 commands. 
 
chflags restricted /Volumes/Macintosh\ HD/private/var/db/KernelExtensionManagement
chflags restricted /Volumes/Macintosh\ HD/private/var/db/KernelExtensionManagement/Staging
 
I also tried to use pkgutil --pkgs|grep com.cisco to find out those packaged not removed. And Then I used pkgutil —forget command to clean them. The commands could not work du to Xcode-select related problem. I didn't go further to fix problem in this way. 
 
I was a little frustrated and rebooted the machine again. 
 
This time, good thing happened. The old version 4.4.00243 was able to be installed. And annoying prompt error dialog disappeared. 
 
This is not a very perfect solution, but it works on this MacBook Pro.  
0 Helpful

mapage
Level 1
Level 1

‎07-19-2021 04:11 PM - edited ‎07-19-2021 04:12 PM

I signed up just to reply to this topic. 

I had the same issue with Big Sur after installing the latest updates. 

I couldn't use Finder because of that annoying popup.  

Couldn't even reboot because of it. 

But I found when I unticked this shown in attached, it stopped. 

Screen Shot 2021-07-20 at 6.47.16 am.png

What a POS application - and what useless support from Cisco on this topic. 

0 Helpful

mmohamed.khalil0k
Level 1
Level 1

‎10-04-2021 01:17 PM - edited ‎10-09-2021 09:26 PM

, I did overview the entries (pretty old besides) which you are quoting very cautiously. Since the posts are over four years vintage, they'll in all likelihood practice to the Android firmware for reviews of laptop- a lot modified (to the more severe) with the CE Software I need to use now.

0 Helpful

qasimsiddiqui378
Level 1
Level 1

‎03-05-2022 09:46 AM

Es gibt ein Problem damit, wie Macbook oder andere Laptops seine Kext-Dateien und -Ordner schützen. Anyconnect kann die Installation nicht abschließen, weil die betreffenden Ordner nicht die richtigen "Berechtigungen" haben.

AlexJames
Level 1
Level 1

‎03-05-2023 11:48 AM

How do I stop Cisco AnyConnect from popping up?
 
 
If you want to prevent Cisco AnyConnect from launching at startup, click on the Cisco AnyConnect icon in the system tray. This will open the Cisco AnyConnect window, click on the little cog icon. 13. In the window that opens, uncheck “Start VPN before user logon to computer” and “Start VPN when Anyconnect is started”
0 Helpful
Customers Also Viewed These Support Documents