10-26-2020 09:26 AM
Hello,
Assuming I identify an user with a compromised account, is there any way to disable his active Cisco AnyConnect VPN sessions?
Thanks!
10-26-2020 09:30 AM
Hi @vladb2
How is this user authenticated? If using username/password either with a local account on the ASA or LDAP/Active Directory, just disable the account and that should stop them authenticating on the VPN.
HTH
10-26-2020 10:06 AM
If you want to end an active user session, use the command vpn-sessiondb logoff name <the username of that session>.
10-26-2020 10:28 AM
What @Aref Alsouqi said will kill the current session. Before doing that also be sure to deactivate the account in whatever aaa server method(s) is/are used (local, AD etc.) as @Rob Ingram noted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide