(Optional) Disable VPN Functionality (Post installation)
If the VPN functionality was not disabled during installation, it can optionally be disabled with a post-installation task or script. You can disable the Secure Client VPN functionality after installation by creating a special profile, VPNDisable_ServiceProfile.xml.
%ProgramData%\Cisco\Cisco Secure Client\VPN\Profile\VPNDisable_ServiceProfile.xml
Instead of copying the VPN profile, it can also be created with a script. This is useful if your endpoint management software supports post install scripts. The following example shows how to create the VPNDisable_ServiceProfile.xml using bash script.
$profile_file = "%PROGRAMDATA%\\Cisco\\Cisco Secure Client\\VPN\\Profile\\ VPNDisable_ServiceProfile.xml "
$data=@"
{
?\<xml version="1.0" encoding="utf-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
<ClientInitialization>
<ServiceDisable>true</ServiceDisable>
</ClientInitialization>
</AnyConnectProfile>
}
"@
if(-not(Test-Path -Path $profile_file))
{
$data > $profile_file
}
For more information, see How to Disable VPN Functionality in Cisco Secure Client.