On this page:
Cisco recently released their new AnyConnect Secure Mobility Client Version 4.3.03086. This new version is compatible with Mac OS X 10.9 and higher (including the latest version of Mac OS X 10.12 Sierra).
Primer
- This guide will assist with the installation of the Cisco AnyConnect VPN client for OS X 10.6 and later
- You need administrator level account access to install this software.
- Note: Some screen shots may be slightly different from what you see depending on the version of your operating system and the VPN software.
Installation
- Download the VPN installer from MIT's download page, Cisco AnyConnect Secure Mobility Client for MAC (certificates required).
- Find and open the downloaded file.
- The file will mount a disk image. Open this disk image and launch the file named 'anyconnect-macosx-XXXXXX'.
- On the following screen titled Welcome to the AnyConnect Secure Mobility Client Installer, click Continue.
- When presented with the software license agreement, click Continue then click Agree on the slide-down menu.
- If you are prompted 'Select a Destination...', select your primary hard drive and click Continue.
- On the window titled Standard Install..., click the button labeled Install and enter your computer username and password when prompted and click Install Software.
Note: The user must be an administrator of the machine to install.
Result: The VPN client will begin to install itself. - When the installation has competed, click the button labeled Close.
Initiating a Connection to VPN and to VPN using Duo
- Cisco AnyConnect can be found in the Cisco folder located in the Applications folder (/Applications/Cisco/).
- Navigate to /Applications/Cisco/ and open 'Cisco AnyConnect Secure Mobility Client'.
- To authenticate with Duo, enter vpn.mit.edu/duo and click the button labeled Connect.
- Enter your MIT username and password then click the button labeled OK.
With Duo authentication, you will see a field asking for a Second Password.
In this field you may type in one of the following options:- push - Duo will send a push notification to your registered cell phone with the Duo Security mobile app installed
- push2 - Duo will send a push notification to your _second registered device with the Duo Security mobile app installed_
- sms - Duo will send an SMS to your registered cell phone
- Phone -Duo will call your registered phone
- Phone2 -Duo will call your second registered phone
- Yubikey - If you are using a Yubikey for authentication, make sure the Second Password field is highlighted and use your key. For instructions on using the Yubikey, please see How do I authenticate with a YubiKey?
- The one time code generated by your hardware token or the Duo Security mobile app (the code changes every 60 seconds)
In this example, I entered 'push' in the Second Password field. I will receive a push notification on my cell phone, go to the Duo app and click Approve.
- When prompted at the MIT's Virtual Private Network (VPN) screen, click the button labeled Accept to connect to MIT's Virtual Private Network.
- Upon successful connection, Cisco AnyConnect will minimize itself and you will see the AnyConnect logo with a small lock in your menu bar just to the left of the time.
Cisco Anyconnect Vpn Client For Mac
This app is only available on the App Store for iOS devices.
Description
This is the latest AnyConnect application for Apple iOS.
Please report any questions to ac-mobile-feedback@cisco.com.
Please consult with your EMM vendor on configuration changes required to configure this new version if you are not setting it up manually. Samples at: https://community.cisco.com/t5/security-blogs/anyconnect-apple-ios-transition-to-apple-s-latest-vpn-framework/ba-p/3098264
LICENSING AND INFRASTRUCTURE REQUIREMENTS:
You must have an active AnyConnect Plus, Apex or VPN Only term/contract to utilize this software. Use is no longer permitted for older Essentials/Premium with Mobile licensing. AnyConnect may never be used with non-Cisco servers.
Trial AnyConnect Apex (ASA) licenses are available for administrators at www.cisco.com/go/license
AnyConnect for iOS requires Cisco Adaptive Security Appliance (ASA) Boot image 8.0(4) or later.
Per App VPN requires ASA 9.3(2) or later (5500-X/ASAv only) with Plus, Apex or VPN Only licensing and a minimum Apple iOS version of 10.x.
For additional licensing questions, please contact ac-mobile-license-request (AT) cisco.com and include a copy of 'show version' from your Cisco ASA.
Licensing Ordering Guide: http://www.cisco.com/c/dam/en/us/products/security/anyconnect-og.pdf
Cisco AnyConnect provides reliable and easy-to-deploy encrypted network connectivity from any Apple iOS by delivering persistent corporate access for users on the go. Whether providing access to business email, a virtual desktop session, or most other iOS applications, AnyConnect enables business-critical application connectivity. Through the use of Datagram Transport Layer Security (DTLS), TCP-based applications and latency-sensitive traffic (such as voice over IP [VoIP]) are provided an optimized communication path to corporate resources.
Additionally, AnyConnect support IPsec IKEv2 with Next Generation Encryption.
Features:
- Automatically adapts its tunneling to the most efficient method possible based on network constraints, using TLS and DTLS.
- DTLS provides an optimized connection for TCP-based application access and latency-sensitive traffic, such as VoIP traffic
- Network roaming capability allows connectivity to resume seamlessly after IP address change, loss of connectivity, or device standby
- Wide Range of Authentication Options: RADIUS, RSA SecurID, Active Directory/Kerberos, Digital Certificates, LDAP, multifactor authentication
- Supports certificate deployment using Apple iOS and AnyConnect integrated SCEP
- Compatible with Apple iOS Connect On Demand VPN capability for automatic VPN connections when required by an application
- Policies can be preconfigured or configured locally, and can be automatically updated from the VPN headend
- Access to internal IPv4 and IPv6 network resources
- Administrator-controlled split / full tunneling network access policy
- Per App VPN (TCP and UDP) - MDM controlled
If you are an end-user and have any issues or concerns, please contact your organization’s support department. If you are a System Administrator having difficulties configuring or utilizing the Application, please contact your designated support point of contact.
If you would like to give feedback, suggestions, or leave comments directly to the team, you can reach us on Twitter @anyconnect.
Release Notes:
https://www.cisco.com/c/en/us/support/security/anyconnect-secure-mobility-client/products-release-notes-list.html
User Guide:
https://www.cisco.com/c/en/us/support/security/anyconnect-secure-mobility-client/products-user-guide-list.html
End user license:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/license/end_user/AnyConnect-SEULA-v4-x.html
What’s New
General improvements and bug fixes.
Please report any questions or problems to ac-mobile-feedback@cisco.com.
MK
When i open accounts and password and try to make my phone remember the password to this app there is a blank field that i need to fill and it says website and if I don’t fill it the process won’t be done actually I want the phone to remember the pass for this app not any website I really don’t know what to do
Developer Response,
You should be able to put anything you want in this field as a label.
VPN Automatically connects without user permission
At least once daily, at a random time of day, the VPN will connect automatically and with no notification that it has done so. The little VPN logo just pops up on the top left all of a sudden. Considering a VPN routes all traffic through Cisco's network, this is an unacceptable privacy invasion. Also annoying bc there are random websites like 9to5mac that are blocked by Cisco and before I realized what was happening, was confused as to why it wasn't loading suddenly. The only way to prevent this is to delete the app between uses and reinstall. Before using the VPN for the first time each install, it won't auto connect so I basically avoid this app like the plague.
I do work at Cisco and yes it does. Something is turning it on without me opening any Cisco apps including any connections so this is because of Cisco not another IT department
Developer Response,
AnyConnect does not automatically connect; it is only triggered by the UI or by On-Demand or Per-App VPN profiles configured on the device. If these profiles are pushed to your device by your IT department we have no control over that. Also, the VPN traffic does not go over Cisco's network (unless you work for Cisco); it travels through your own corporate network to which you are connecting.
Works with 11.2 with caveat
With the server side workaround, AnyConnect now works on iOS 11.2, so I'm revising my rating from 1 to 5 stars.
Previous review: The VPN client will fail to establish a connection if running on a device with cellular and Wi-Fi both enabled. I reported this bug months ago but nobody has fixed it yet. Workaround is to disable cellular then you will be able to establish a VPN connection over Wi-Fi. If you want to establish a VPN connection over cellular, you will need to disable Wi-Fi.
Developer Response,
Hi Seth, this problem is due to an unannounced change in iOS 11.2 (and macOS 10.13.2), and it only affects a very specific configuration (it requires changing a default configuration item). I think you and I have been emailing on this, and your IT department is aware of the problem and also has a case open with Apple. Theyhave been informed of a workaround, and I just sent a followup email as a reminder, so please be patient. In the meantime you can delete the profile using the AnyConnect UI and should be able to establish a connection. If the server workaround has not been implemented the next connection will fail but you can repeat the process.
Information
Openvpn Client For Mac
Requires iOS 10.0 or later. Compatible with iPhone, iPad, and iPod touch.
Supports
Family Sharing
With Family Sharing set up, up to six family members can use this app.