Hello Cisco Community,
My goal is to allow only some users to connect to AnyConnect VPN via mobile systems such as Android and IOS.
Currently, we have several Tunnel Groups and Group Policies, that identify certain organizational units of our customer.
We use certificates and RADIUS for authentication and identification for all of these groups and users.
What I would like to do is to use Host Scan and deny the access for all of these groups from Android and IOS.
Then issue certificates that will distinguish mobile devices, that way, I will be able to identify Group Policy that is allowed to use mobile devices to connect to VPN.
This of course means, that Host Scan would need to be able to even detect Android and IOS. However, I can find only very old Host Scan documentation, where IOS and Android are not mentioned as supported platforms. We don't have ISE, I need to do this on ASA level.
Thanks,
Jan