08-03-2015 01:46 AM
Hi,
I have a remote access Any Connect VPN, at the moment any user is able to connect in with any laptop that has the any connect client installed, they just have to type in their username and password, does anyone know how I can lock this down so that a second authentication occurs and makes sure the laptop they are logging in from is a domain machine. I do have a Radius server setup and an OU with all my domain computers etc. I read Cisco Secure Desktop can do this but can't download it apparently it has been discontinued.
Thanks
08-03-2015 02:30 AM
You can use certificate-based authentication together with username/Password. Or you use hostscan (the component of CSD that is still supported) to search for signs that the PC is company owned. But the second option is not as strong as using certificates.
08-03-2015 03:22 AM
Hi Karsten,
Thank you for your reply, do you know of any guides showing how to configure secondary authentication with a certificate? Thank you for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide