Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
1
Replies

Limitation access with License VPN for mobile.

Rachid Zahraoui
Level 1
Level 1

‎12-09-2013 02:53 PM

Hi,

I have an ASA5520, with a premium license for SSL VPN Peers plus a license for Anyconnect Mobile.

I manage Remote VPN access by ACS server.

Can you tell me if it is possible to restrict VPN connections  with AnyConnect Mobile, just same users will have the right to use the  license anyconnect For Mobile.

If yes, premium and mobile licenses are sufficient? How can i do that by Dynamic Access Policies (DAP)?

Thanks for your Help.

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-10-2013 02:09 PM

The Mobile license is unlimited so by itself it doesn't consume license count. If you want only some users to be able to connect via mobile for other reasons, you could use DAP.

For instance create a group for PC-based SSL VPN users, check for OS = Windows. (plus Mac and Linux if applicable). Create a second VPN group for mobile users checking that group for OS = Apple iIOS (plus Android if applicable) AND a AAA attribute (user = member of a defined group or listed by userid). You could further restrict it by device UID if you want to be that granular.

See the example here:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080bf4915.shtml#anc23

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents