Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
0
Helpful
3
Replies

[AnyConnect] How to Distinguish Mobile Phone Users from Tablet Users

Kaelich91
Level 1
Level 1

‎06-25-2018 07:27 AM - edited ‎03-12-2019 05:24 AM

Hello Experts,

Is it possible to distinguish a mobile phone user from someone who is connecting from a tablet, and assign them a different policy ?

I have found a few thing about a feature called Host Scan but that doesn't seem to fit here, does it ?

Thank you for your help guys.

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎06-25-2018 07:47 AM

Hi,
How are you authenticating the users/devices? If you had ISE as the RADIUS server, you could use ISE profiling to determine what type of device and then create authorization rules to assign a specific GP to the type of device.

What authentication method are you using? If you were using certificates you could perhaps have a specific entry in the OU for tablets and then another value for phones and authorize depending on that extracted value and assign a different GP.

HTH
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Rob Ingram

‎06-25-2018 07:53 AM

Hostscan is only good for desktop OS's. more a mobile device you'd have to go a route like @Rob Ingram suggested.

 

One other alternative is if you manage your mobile devices with an MDM product. You can potentially push a VPN policy using it and/or integrate it with ISE (requires ISE Apex licenses) as well.

0 Helpful

Kaelich91
Level 1
Level 1
In response to Rob Ingram

‎06-26-2018 10:44 AM

Hello, thank you for your answers guys.

I will use LDAP auth by connecting the ASA. Unfortunately I don't have ISE.

 

0 Helpful
Customers Also Viewed These Support Documents