03-22-2016 02:13 PM
In an effort to eliminate some of our Dynamic Access Policies, I am wondering if there is any log entries made from DAP? I see the DAP hits in my real time log viewer, it just doesn't provide very much information. I am specifically wondering if any of our users are using EOL Operating Systems like XP and ugh, Vista.
TIA,
Lee
Solved! Go to Solution.
03-25-2016 11:50 AM
Hi There,
You can see the Windows build version inside of the DAP trace if your ASDM log viewer is set to the debug level.
For example, here is a screenshot of the ASDM log viewer on a successful AnyConnect login:
We can see the following from the example:
A. The device is a Windows device.
endpoint.anyconnect.platform = "win"
B. The platform version is "6.1.7601 Service Pack 1".
endpoint.anyconnect.platformversion="6.1.7601 Service Pack 1"
Once we know the platform version, we can get the OS name by cross referencing it to this table:
Operating system | Version number |
---|---|
Windows 10 | 10.0* |
Windows Server 2016 Technical Preview | 10.0* |
Windows 8.1 | 6.3* |
Windows Server 2012 R2 | 6.3* |
Windows 8 | 6.2 |
Windows Server 2012 | 6.2 |
Windows 7 | 6.1 |
Windows Server 2008 R2 | 6.1 |
Windows Server 2008 | 6.0 |
Windows Vista | 6.0 |
Windows Server 2003 R2 | 5.2 |
Windows Server 2003 | 5.2 |
Windows XP 64-Bit Edition | 5.2 |
Windows XP | 5.1 |
Windows 2000 | 5.0 |
Official link to table:
https://msdn.microsoft.com/en-ca/library/windows/desktop/ms724832(v=vs.85).aspx
Based on the information from the table, we know that the client connecting is running Windows 7 SP1 or Windows Server 2008 SP1 since the "platform version" starts with 6.1.
Let us know if this helps!
*** Please rate helpful posts and mark answers as correct so the community can benefit ***
03-25-2016 11:50 AM
Hi There,
You can see the Windows build version inside of the DAP trace if your ASDM log viewer is set to the debug level.
For example, here is a screenshot of the ASDM log viewer on a successful AnyConnect login:
We can see the following from the example:
A. The device is a Windows device.
endpoint.anyconnect.platform = "win"
B. The platform version is "6.1.7601 Service Pack 1".
endpoint.anyconnect.platformversion="6.1.7601 Service Pack 1"
Once we know the platform version, we can get the OS name by cross referencing it to this table:
Operating system | Version number |
---|---|
Windows 10 | 10.0* |
Windows Server 2016 Technical Preview | 10.0* |
Windows 8.1 | 6.3* |
Windows Server 2012 R2 | 6.3* |
Windows 8 | 6.2 |
Windows Server 2012 | 6.2 |
Windows 7 | 6.1 |
Windows Server 2008 R2 | 6.1 |
Windows Server 2008 | 6.0 |
Windows Vista | 6.0 |
Windows Server 2003 R2 | 5.2 |
Windows Server 2003 | 5.2 |
Windows XP 64-Bit Edition | 5.2 |
Windows XP | 5.1 |
Windows 2000 | 5.0 |
Official link to table:
https://msdn.microsoft.com/en-ca/library/windows/desktop/ms724832(v=vs.85).aspx
Based on the information from the table, we know that the client connecting is running Windows 7 SP1 or Windows Server 2008 SP1 since the "platform version" starts with 6.1.
Let us know if this helps!
*** Please rate helpful posts and mark answers as correct so the community can benefit ***
03-25-2016 12:25 PM
Thank you so much!
03-25-2016 12:27 PM
You are very welcome, glad to help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide