
Cisco AnyConnect User and Machine Certificate Based Authentication

Hi all,

I'm looking at an AnyConnect solution that utilises certs to authenticate the user and machine. The aim is that there is no user interaction with AnyConnect once logged into Windows using AD credentials and that AnyConnect auto connects with TND. The CA is part of an Active Directory. Question is around the authentication. How will I know if the AD user or machine account is enabled or disabled when authenticating via certs? Would I require a separate DAP to check via LDAP the status of user and machine accounts within AD? Lastly, if I have a user and machine cert in my certificate store, how does AnyConnect distinguish between the two: which is user and which is the machine?

Thanks, Wayne
