Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1126
Views
0
Helpful
0
Replies

Anyconnect Always on + Posture + Checkpoint VPN

Velocis Bangalore
Level 1
Level 1

‎11-25-2020 11:01 PM


Hello Everyone,

 

Here I have a specific requremtent from a customer.

 

To make things clear.
     Customer = My Client
     Client = My Client's Client

 

1) Customer's Remote working employees will be connecting to enterprise network using Anyconnect VPN.
2) At the same time they will also be connecting to their client's network via checkpoint VPN client. (they will be having two VPN Clients in their machine)
3) Posture check is mandatory, in order to connect to Customers’s network and it is a Full tunnel.

 

The problem here is, some of the employees may not connect to Customer's VPN (Cisco) as their job require them to connect to their client VPN (Checkpoint) only as there is no need for them to connect to the Customer VPN, this is causing the user machine not have the latest GPO updates and other patches.

 

So customer is looking for feature where the VPN Tunnel is Always-On or something that runs in the background and mandatory and can do Posture check as well, and sill the Employees can connect to their client network using Checkpoint VPN. something like Tunnel inside Tunnel.

 

Is is possibel to have a Tunnel inside Tunnel w.r.t Client VPN?
If we use the Management VPN Tunnel feature, will that support posture check as well?
Or, is there any other solution that can solve this probem?

 

Anyconnect version : 4.7.0.1076
VPN Headend : FTD 2140 (ASA 9.12.7)
ISE 2.6 patch 7


Thank you

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents