topic Anyconnect client detecting in Network Security

Anyconnect client detecting

lyutov_dv — Fri, 21 Feb 2020 14:28:04 GMT

Hi,
I need to block Anyconnect Client for some users using Firepower. I found APP in the base "AnyConnect SSL Client" but it doesnt work, firepower cant detect this application and cannot block it.
What's the reason? Is it possible to block Anyconnect?

Re: Anyconnect client detecting

Marvin Rhoads — Wed, 11 Oct 2017 15:08:23 GMT

Is your goal to prevent SSL VPN clients from transiting outbound via your network perimeter?

Re: Anyconnect client detecting

lyutov_dv — Wed, 11 Oct 2017 15:18:48 GMT

I'd like to block AnyConnect only but if it's not possible blocking all the SSL VPN Clients would be ok

Re: Anyconnect client detecting

Marvin Rhoads — Wed, 11 Oct 2017 15:30:45 GMT

I checked in my lab and see that Firepower does not identify the AnyConnect application. Instead it only sees the not-very-helpful "SSL Client" and https transport protocol when I establish an SSL VPN using AnyConnect via my FTD device.

It might be worth raising a TAC case as it would seem to be something we should be able to do - I'm just not seeing how at the moment.

Re: Anyconnect client detecting

lyutov_dv — Wed, 11 Oct 2017 15:35:48 GMT

Thank you!
I'll try to raise TAC case then

Re: Anyconnect client detecting

Marvin Rhoads — Wed, 11 Oct 2017 15:37:51 GMT

You're welcome.

Please let us know what they tell you - I'm curious to learn it myself now that you've asked.