This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

Cisco AnyConnect Command install with install options and profile creation.

Fulgubbe
Novitiate III

‎04-26-2022 04:53 AM - edited ‎04-26-2022 09:49 AM

Hi! 

Thought i should share how we install Cisco AnyConnect with install Options and profile creation. We just want to install the VPN client and not all the other features the pkg contains but you can choose what you want with <integer>1</integer> or <integer>0</integer>. The script also creates a Profile on target machine with chosen attributes.

You can use this script as a daily command (if installed it will exit) or in a post install script in an empty pkg if you want to utilize the software management funktion.

 

#!/bin/sh

downloadLink="YOUR AnyConnect.pkg DOWNLOAD LINK"
pkgName="AnyConnect.pkg"
companyName="YOUR COMPANY NAME"
vpnHostname="YOUR VPN HOSTNAME URL"

#Check if installed
if [ -d /Applications/Cisco/ ];
then
  echo "Already Installed"
  exit 0
else

#Add install chooices
cat > /tmp/vpn_install_choice.xml <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
     <dict>
         <key>attributeSetting</key>
         <integer>1</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_vpn</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_websecurity</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_fireamp</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_dart</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_posture</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_iseposture</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_nvm</string>
     </dict>
     <dict>
         <key>attributeSetting</key>
         <integer>0</integer>
         <key>choiceAttribute</key>
         <string>selected</string>
         <key>choiceIdentifier</key>
         <string>choice_umbrella</string>
     </dict>
</array>
</plist>
EOF

#Download installer
curl -L -o /tmp/$pkgName $downloadLink

#Install AnyConnect with choices
/usr/sbin/installer -pkg /tmp/$pkgName -applyChoiceChangesXML /tmp/vpn_install_choice.xml -target /

#Add VPN Profile
cat > /opt/cisco/anyconnect/profile/$companyName.xml <<EOF
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>
    <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
  </ClientInitialization>
  <ServerList>
    <HostEntry>
      <HostName>$companyName</HostName>
      <HostAddress>$vpnHostname</HostAddress>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>
EOF
fi

 

4 REPLIES 4

ethernet
Novitiate I

‎08-25-2022 07:54 PM

This looks perfect for our anyconnect deployment coming up. Have you by chance found a solution for Windows as well?

0 Kudos

Fulgubbe
Novitiate III
In response to ethernet

‎08-26-2022 07:51 AM - edited ‎08-26-2022 07:53 AM

For win i just use our internal chocolatey server. Win dont really need install options so you can just use chocolatey to install application and commands to install xml file for host settings.

JuergenKlaassen
Rising Star III
Rising Star III

‎08-25-2022 08:24 PM

💪This is super cool. Thanks for sharing, @Fulgubbe 

Idan
JumpCloud Alumni
JumpCloud Alumni

‎08-26-2022 12:21 PM

Great script @Fulgubbe, thanks for sharing!!

Did you consider using the ability to push files with commands?

I personally like pushing small config files using commands instead of creating them via the script dynamically. If I need to modify the file dynamically, I parse it or use placeholders in the config file. 

0 Kudos
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.