Does anybody know how to limit the number of VPN users using the DAP authentication ? I'm using this type of authentication to manage access to different VPN but since I started using it I can not control the maximum number of users connected to each vpn. Previously this value was running under "group policy" -> "simultaneous logins". Can someone help me?
Actually the simultaneous logins setting is for a single user, (How many times a user can connect with the same username simultaneously), the way to limit how many users can connect through Anyconnect or VPN client IPsec, is through any of these 2 commands:
* vpn-sessiondb max-anyconnect-premium-or-essentials-limit #
(This one is For AnyConnect Only)
* vpn-sessiondb max-other-vpn-limit #
(This one is for IPSec connections Only)
With DAP you can use it along with Host Scan, to do an Endpoint Posture assessment(Pre-login Assessment) to check if the endpoint compliance with certain parameters so I would allowed the user to connect, for example:
- You can allow Windows and Android users to connect Only, the rest of the OS will be terminated the session.
- The user should have the following AV and the signatures up to date otherwise he wont be able to connect.
For Further information:
Please proceed to rate and mark as correct this post! if it helped you, keep me posted if you have some other questions!
unfortunately, your proposal may not be useful :( :( I need a solutions for IPsec connections and the second one didn't work for me or i not figured out how to use it. I have the need to limit the number of single independent vpn users for each VPN, there is an expression to be inserted in the DAP to limit this number?