Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
418
Views
0
Helpful
4
Replies

ASA question

Go to solution
coconino1969
Level 1
Level 1

‎07-21-2014 07:01 PM - edited ‎03-11-2019 09:30 PM

Hello Forum

 

Device - Cisco ASA 5540 (9)

 

Is it possible to create rules to allow a VPN user to login using his Windows laptop but stop his IPAD?

 

Thanks for the help.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎07-21-2014 10:03 PM

Hello,

 

For this kind of setup you are looking for an Identity Engine that based on signatures can determine what device you are using to connect.

 

For this you can use the Cisco ISE but not the Cisco ASA.

 

Regards,

 

jcarvaja
CCIE R&S 42930, 2-CCNP,JNCIS-SEC
Looking for a quick remote support session? Contact us at inetworks.cr 

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎07-21-2014 10:03 PM

Hello,

 

For this kind of setup you are looking for an Identity Engine that based on signatures can determine what device you are using to connect.

 

For this you can use the Cisco ISE but not the Cisco ASA.

 

Regards,

 

jcarvaja
CCIE R&S 42930, 2-CCNP,JNCIS-SEC
Looking for a quick remote support session? Contact us at inetworks.cr 

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
coconino1969
Level 1
Level 1
In response to Julio Carvajal

‎07-23-2014 09:54 AM

Thanks for the help J

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-23-2014 07:46 PM

You can do this without needing to use ISE by using Dynamic Access Policies (DAP) if you have AnyConnect Premium and Advanced Endpoint Assessment licensing on the ASA.

Reference.

Also, without AnyConnect for Mobile licensing the iPad client won't be able to login at all.

0 Helpful

Go to solution
coconino1969
Level 1
Level 1
In response to Marvin Rhoads

‎07-24-2014 11:40 AM

Marvin

Thanks for the input.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card