Cisco AnyConnect broken on Catalina

Cisco AnyConnect is broken on Catalina. Throws up "The VPN client was unable to successfully verify the IP forwarding table modifications. A VPN connection will not be established." error. Using version 4.7 of Cisco AnyConnect. Worked fine before upgrade to Catalina.

Replies

The same exact experience is occuring for me.
If I discover a workaround, I'll be sure to post about it here

Same thing happened with the first and successive betas of Mojave. The fix ended up being a new version of AnyConnect by Cisco.

Is there an alternative to AnyConnect can be used?

OpenConnect is an alternative, depending on what you are trying to connect to this might not be allowed. I have also not tested this on 10.15.

Depending on what you're trying to connect to, Cisco IPSec and others are available in macOS by default by adding a VPN interface in Network Preferences.

If your Mac is connected to an MDM use a profile pushed by it to whitelist the kext and see if it works after this. I expect the kext isn’t notarized so isn’t loading. Moving forward Cisco would need to ideally use DriverKit rather than a kext. I would create a support case with Cisco around this.

Same problem here.

version 4.7.0.3.0.52 is somehow working but getting "failed to load compliance module" error msg of system scan.

Maul. Do you have a link to offer for the download of this version? I can't seem to find it.

Try to start app via terminal with sudo. For me it worked.

Confirmed. This approach worked for me too. Thanks!

Can you provide the commands/instructions for this? I am not able to duplicate this.

Does this require using the 4.7.x variant of the client? I'm using 4.6.x and sudo-starting the app didn't improve the situation.

I am guessing something like this but it did not resolve my issue (obscured some information):


$ sudo /opt/cisco/anyconnect/bin/vpn connect vpn.domain.com

Cisco AnyConnect Secure Mobility Client (version 4.7.03052) .


Copyright (c) 2004 - 2019 Cisco Systems, Inc. All Rights Reserved.


>> state: Disconnected

>> state: Disconnected

>> notice: Ready to connect.

>> registered with local VPN subsystem.

>> contacting host (vpn.domain.com) for login information...

>> notice: Contacting vpn.domain.com.


>> Please enter your username and password.

0) Group1

1) Group2

Group: [Group2]


Username: [user@domain.com]

Password:

>> state: Connecting

>> notice: Establishing VPN session...

>> notice: The AnyConnect Downloader is performing update checks...

>> notice: Checking for profile updates...

>> notice: Checking for product updates...

>> notice: Checking for customization updates...

>> notice: Performing any required updates...

>> notice: The AnyConnect Downloader updates have been completed.

>> state: Connecting

>> notice: Establishing VPN session...

>> notice: Establishing VPN - Initiating connection...

>> notice: Establishing VPN - Examining system...

>> notice: Establishing VPN - Activating VPN adapter...

>> notice: Establishing VPN - Configuring system...

>> state: Disconnecting

>> notice: Disconnect in progress, please wait...

>> state: Disconnecting

>> error: The VPN client was unable to successfully verify the IP forwarding table modifications. A VPN connection will not be established.

>> state: Disconnected

>> notice: Ready to connect.

VPN>

I am using Catalina Beta 2, and I experienced no issues with anyconnect.