04-10-2015 07:56 AM - edited 02-21-2020 08:10 PM
Hi,
we are using cisco anyconnect for VPN to connect to our network. the authentication is through Radius server. The problem is that if a user who have access to vpn can download anyconnect to any computer at his home and able to connect. What i want is to have all users who have VPN access to use their company provided laptops only, if they are using their personal computers they should be blocked. is there a way our ASA can only allow specific laptops ? The VPN appliance in my network is ASA 5515-x.
Can any one guide me, how to achieve this ? Any appliance etc. ?
04-10-2015 09:06 AM
If you have AnyConnect Premium with Advanced Endpoint Assessment (or the new AnyConnect Apex) licenses, you can perform a check to determine of the remote device is a domain member (or any other number of such checks involving registry keys etc.).
With AnyConnect Essentials (or the new AnyConnect Plus) this is not possible.
04-10-2015 10:57 AM
thanks for your reply. So it is impossible ? No work around ?
04-10-2015 11:06 AM
Not as far as I know.
If you have the basic license, you get basic functionality.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide