
Cisco AnyConnect on Catalina

This article shows a way to solve a common problem with Cisco AnyConnect on macOS Catalina.

The problem

Recently, while working for a new client, we were asked to use Cisco AnyConnect to access the private networks. While I was setting up the connection, this error suddenly showed up:

"AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another network."

The solution

After googling for quite a while, I found the answer to my problem on Cisco’s forum. To summarize, here is what you need to do:

  1. Close Cisco AnyConnect.
  2. Move to the directory /opt/cisco/AnyConnect.
  3. Open the file AnyConnectLocalPolicy.xml (you will need sudo to edit it).
  4. Set the ExcludeMacNativeCertStore element to true.
  5. Save and close the file.
  6. Open AnyConnect again and you should be able to connect.

Here is an example of what it should look like before and after:

<!-- Before -->
<ExcludeMacNativeCertStore>false</ExcludeMacNativeCertStore>

<!-- After -->
<ExcludeMacNativeCertStore>true</ExcludeMacNativeCertStore>
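
The steps above as a script, an added example that is not part of the original post or the Cisco forum thread: it backs up the policy file, flips the element and reads the value back. The function names and the `--apply` switch are hypothetical; the path and element name are the ones from the steps.

```shell
#!/bin/sh
# Path and element name come from the steps above; function names are hypothetical.
# Setting the element to true makes AnyConnect skip the macOS native (keychain)
# certificate store.
POLICY_DEFAULT="/opt/cisco/AnyConnect/AnyConnectLocalPolicy.xml"
ELEM="ExcludeMacNativeCertStore"

# Print the element's current value; return 1 if the element is absent.
get_exclude_native_store() {
    val=$(sed -n "s:.*<$ELEM>\([^<]*\)</$ELEM>.*:\1:p" "$1" | head -n 1)
    [ -n "$val" ] || return 1
    printf '%s\n' "$val"
}

# Set the element to true, leaving the original in <file>.bak.
# Returns 0 if changed or already true, 1 on a missing file/element or write
# error, 2 if the value does not read back as true.
set_exclude_native_store() {
    file=${1:-$POLICY_DEFAULT}
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    current=$(get_exclude_native_store "$file") || {
        echo "$ELEM not found in $file" >&2
        return 1
    }
    if [ "$current" = "true" ]; then return 0; fi
    cp -p "$file" "$file.bak" || return 1
    tmp=$(mktemp) || return 1
    sed "s:\(<$ELEM>\)[^<]*\(</$ELEM>\):\1true\2:" "$file" > "$tmp" &&
        cat "$tmp" > "$file"   # cat keeps the original owner and mode
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] || return 1
    [ "$(get_exclude_native_store "$file")" = "true" ] || return 2
}

# Apply to the real policy file only when asked: sudo sh <script> --apply
if [ "${1:-}" = "--apply" ]; then
    set_exclude_native_store "${2:-}"
fi
```

Quit AnyConnect before running it and reopen it afterwards, as in steps 1 and 6.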

Link to the original article on Cisco's forum: https://community.cisco.com/t5/vpn/anyconnect-got-an-error-after-updating-macos-catalina/td-p/3937692