Our PCI scan vendor has recently began flagging the outside interfaces of all of our firewalls that have AnyConnect enabled on them. Does anyone know if there is a way to enable HSTS on AnyConnect / WebVPN or the outside interface?
Go to Solution.
webvpn enable outside hsts enable max-age 31536000 include-sub-domains no preload
Is there any way to prevent users from bypassing security issues (does HSTS work on Anyconnect itself?), such as cert errors or tls errors?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: