Re: Anyconnect client detecting

lyutov_dv · ‎10-10-2017

Hi,
I need to block Anyconnect Client for some users using Firepower. I found APP in the base "AnyConnect SSL Client" but it doesnt work, firepower cant detect this application and cannot block it.
What's the reason? Is it possible to block Anyconnect?

Marvin Rhoads · ‎10-11-2017

Is your goal to prevent SSL VPN clients from transiting outbound via your network perimeter?

lyutov_dv · ‎10-11-2017

I'd like to block AnyConnect only but if it's not possible blocking all the SSL VPN Clients would be ok

Marvin Rhoads · ‎10-11-2017

I checked in my lab and see that Firepower does not identify the AnyConnect application. Instead it only sees the not-very-helpful "SSL Client" and https transport protocol when I establish an SSL VPN using AnyConnect via my FTD device.

It might be worth raising a TAC case as it would seem to be something we should be able to do - I'm just not seeing how at the moment.

lyutov_dv · ‎10-11-2017

Thank you!
I'll try to raise TAC case then

Marvin Rhoads · ‎10-11-2017

You're welcome.

Please let us know what they tell you - I'm curious to learn it myself now that you've asked.