Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to disable product update on Cisco AnyConnect mobility client


Do you anybody know how to disable/turn off "Checking for product update" during _every_ connecting Cisco Anyconnect Secure Mobility Client (VPN) to remote sites?

I found it may by possible on the ASA side, but I need to disable it on the client (computer). I can see that checking is NOT during connecting to my company site, but when connecting to ANY OTHER site everytime is new version checked. It takes some time ... and I need to switch between VPN often.

Thank you for your help!

Regards, Ondrej



You should be able to do this

You should be able to do this in the AnyConnect local policy. Just add (or edit, if you already have a local policy file) the following to the local policy file:

<!--?xml version="1.0" encoding="UTF-8"?-->
<anyconnectlocalpolicy acversion="2.4.140" xmlns="" xmlns:xsi="" xsi:schemalocation=" AnyConnectLocalPolicy.xsd">

The local policy file can be found here:

Windows Vista/7/8: C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\AnyConnectLocalPolicy.xml
Linux/Mac: /opt/cisco/anyconnect/AnyConnectLocalPolicy.xml

See the Enabling FIPS and Additional Security in the Local Policy section of the Cisco AnyConnect Secure Mobility Client Administrator Guide, Release 3.1 for more details.

New Member

Hello there --

Hello there --

This may be a silly question but will updating the local policy keep the software from installing the Start before login module? I have a user that I removed and reinstalled the Cisco Anyconnect Secure Mobility Client and vpn did not encounter any issues until (it appears) that module was added.

Alas, I have no experience

Alas, I have no experience using the start before login module, so I can't say for certain. If you're installing it manually, I imagine that there would be no interference. If it's somehow being installed automatically, then this policy might well prevent that from working properly.

New Member

Thank you, Jody. It is an old

Thank you, Jody. It is an old thread so I wasn't sure that I would get a response. I am going to give it a try and see if that is the case.

New Member

Hi Jody --

Hi Jody --

Thank you...that did the trick for my user! :)

New Member

This is correct, however, on

This is correct, however, on a Mac the next step you need to take is to remove this application from your Login items, found at System Preferences > Users > Login Items.



Modify XML AnyConnect Client Profile as follows:
<AutoUpdate UserControllable="false">false</AutoUpdate>


1. Navigate to:
Configuration --> Remote Access VPN --> Network (Client) Access --> AnyConnect Customization/Localization --> AnyConnect Client Profile -->

2.Select Profile Name
"Profile Name" --> VPN --> Preferences (Part 1)

3. Uncheck "Auto Update"