[MacTUG] FW: Software Update - MacOS Big Sur & Safari 14.0.1
jjohnston at uwaterloo.ca
jjohnston at uwaterloo.ca
Fri Nov 13 16:38:08 EST 2020
AnyConnect will work under Big Sur, but it has different failure modes. Sometimes it:
- Works fine
- the OS flags it as a 32-bit app and won't even let you uninstall it (run a manual uninstallation as mentioned below, then reinstall app)
- the OS doesn't trust the System Extension (repeatedly). Go to system preferences, enable it, reboot -- repeat until the system preferences no longer complains (took 3 tries on one machine). Could also just reinstall.
- Installs fine, launches fine then the GUI gets into a tight loop demanding that you enter a valid server address, but the pop-ups block access to the input field AND you cannot kill it through normal methods (GUI is too busy). So, do a 'ps' and kill it from a command prompt. It will work fine on the next launch.
These are all of the cases that I've encountered/debugged so far. There are probably more.
All of the above is happening on classic Macs with Intel chips ... I haven't tried Apple Silicon yet.
Jim
From: MacTUG <mactug-bounces at lists.uwaterloo.ca> On Behalf Of jjohnston at uwaterloo.ca
Sent: November 13, 2020 3:04 PM
To: mactug at lists.uwaterloo.ca
Subject: Re: [MacTUG] FW: Software Update - MacOS Big Sur & Safari 14.0.1
On my Big Sur test Mac, I ran (as root):
root at mfcfmac41 ~ # /opt/cisco/vpn/bin/vpn_uninstall.sh
Uninstalling Cisco AnyConnect Secure Mobility Client...
/opt/cisco/vpn/bin/vpn_uninstall.sh: line 88: /opt/cisco/anyconnect/bin/manifesttool: Bad CPU type in executable
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
Successfully removed Cisco AnyConnect Secure Mobility Client from the system.
Then I clean installed the VPN client again and it works fine now.
In this case I installed the client via JAMF policy, but
that policy literally runs the installer that we grabbed from
cn-vpn.uwaterloo.ca, so it should work for anyone.
This version of the client still asks for the Cisco system extension to
be approved, and a reboot to activate it once the user has approved it.
System Preferences -> Security & Privacy -> New system extension... (at bottom)
So, as long as the end user has local admin rights (or you can screen share),
or the Mac is managed and MDM/DEP is configured correctly, then this will be
a nuisance but not insurmountable.
Jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20201113/014e1e9c/attachment-0001.html>
More information about the MacTUG
mailing list