Cisco AnyConnect and Umbrella Roaming client is EOL in April/24
I’m looking for guidance to create a worklet that will install a Cisco secure client with an Umbrella module and enable the Computer Services option so only administrators start/stop Cisco Secure Client's services on a device.
Hello! This is what I did - If you have questions, please comment below.
Evaluation Code:
Exit 1Remediation Code:
# Check if Cisco Secure Client VPN Module is installed
$vpnInstalled = Test-Path "C:\Program Files (x86)\Cisco\Cisco Secure Client\vpnagent.exe"
if (-not $vpnInstalled) {
Write-Output "Installing Cisco Secure Client VPN Module."
msiexec /package "cisco-secure-client-win-5.1.2.42-core-vpn-predeploy-k9.msi" /norestart /quiet PRE_DEPLOY_DISABLE_VPN=1 LOCKDOWN=1
Start-Sleep -Seconds 20
} else {
Write-Output "Cisco Secure Client VPN Module is already installed"
}
# Check if Cisco Umbrella Roaming Security Agent is installed
$umbrellaInstalled = Test-Path "C:\Program Files (x86)\Cisco\Cisco Secure Client\UmbrellaDiagnostic.exe"
if (-not $umbrellaInstalled) {
Write-Output "Installing Cisco Secure Client Umbrella Roaming Security Agent."
msiexec /package "cisco-secure-client-win-5.1.2.42-umbrella-predeploy-k9.msi" /norestart /quiet LOCKDOWN=1
Start-Sleep -Seconds 20
} else {
Write-Output "Cisco Secure Client Umbrella Roaming Security Agent is already installed"
}
# Check if Cisco Diagnostics and Reporting Tool is installed
$dartInstalled = Test-Path "C:\Program Files (x86)\Cisco\Cisco Secure Client\DART\dartcli.exe"
if (-not $dartInstalled) {
Write-Output "Installing Cisco Diagnostics and Reporting Tool."
msiexec /package "cisco-secure-client-win-5.1.2.42-dart-predeploy-k9.msi" /norestart /quiet
Start-Sleep -Seconds 20
} else {
Write-Output "Cisco Diagnostics and Reporting Tool is already installed. Exiting."
exit
}
# Copy OrgInfo.json to Cisco Secure Client Umbrella directory
Write-Output "Copying OrgInfo.json to Umbrella directory."
Copy-Item "OrgInfo.json" "C:\ProgramData\Cisco\Cisco Secure Client\Umbrella\OrgInfo.json" -Force
# Add Cisco Umbrella Root Certificate to the Root Certificate store
Write-Output "Adding Cisco Umbrella Root Certificate to the Root Certificate store."
certutil -enterprise -f -v -AddStore "Root" "Cisco_Umbrella_Root_CA.cer"
Payload:
Thanks, Chall.
Does anyone happen to have the script to install Umbrella and deploy the root certificate on Mac?
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.