09-02-2019 01:42 AM
Hi All,
Having some queries regarding setup of Cisco anyconnect Vpn client, it would be great for me if anyone would help me
1) Can I restrict a user to download anyconnect client software via webvpn after user enter their login credentials using local/Ldap server.
2) is it Cisco ASA supports any third party 2FA application i.e innefu for anyconnect user to authenticate for 2FA
09-02-2019 01:57 AM - edited 09-02-2019 01:59 AM
Hi
in general 2FA is supported. as most solutions are set up as radius server and the ASA will just send the "password" entered in the second Password field to the radius server. Or like DUO, LDAPS is used.
Brief description here:
Another solution would be (Thales/Gemalto) SafeNet, or RSA, or Microsoft MFA.
These are solutions for OneTimePasswords, Assuming you meant this as 2FA. You also can use certificates or another LDAP Directory as 2nd factor.
at 1)
you want all users to download the anyconnect client when logged in? or only some?
when these user groups have separate Group Policies tied, you can set it at AnyConnect Profile file, by (un-)checking Auto-Update for the appropriate group policy.
09-02-2019 03:07 AM
Hi Nuuul,
Thanks for your reply. Please find my remarks below
1)y want all users to download the anyconnect client when logged in? or only some?
Ans- Want only the users who I have authorized can download anyconnect client software after login in anyconnect webvpn.
Also do you please elaborate your below point :-
when these user groups have separate Group Policies tied, you can set it at AnyConnect Profile file, by (un-)checking Auto-Update for the appropriate group policy
09-02-2019 03:06 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide