We are trying to remediate the RA VPN vulnerability of CVE-2023-20269. We use TACACS+ to login, but there is a local backup account in case TACACS+ goes down. Is there some way to prevent this account from being utilized by AnyConnect?
I understand we can lock a userame into a profile, but I don't believe that's what I'm intending on doing.
Thanks