Hello,
Assuming I identify an user with a compromised account, is there any way to disable his active Cisco AnyConnect VPN sessions?
Thanks!
Hi @vladb2
How is this user authenticated? If using username/password either with a local account on the ASA or LDAP/Active Directory, just disable the account and that should stop them authenticating on the VPN.
HTH
If you want to end an active user session, use the command vpn-sessiondb logoff name <the username of that session>.
What @Aref Alsouqi said will kill the current session. Before doing that also be sure to deactivate the account in whatever aaa server method(s) is/are used (local, AD etc.) as @Rob Ingram noted.