Hello everyone,
I have an ASA5550, on which I have successfuly configured Anyconnect (Client version 3.1.10010) to authenticate with both Username/Password and User certificate issued by my internal CA.
What I'm actually trying to achieve is to allow only computer domain members to login to this VPN access. So users cannot connect to the VPN when they are in their non-corporate devices.
I know every domain member computer have a certificate issued by my internal CA. Is it possible to use this certificate to authenticate the VPN instead of the User Cert?
I only have cisco Anyconnect Essentials license.
Version 9.1(6)4
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 400 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : 5000 perpetual
Other VPN Peers : 5000 perpetual
Total VPN Peers : 5000 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Cluster : Disabled perpetual
