ASA packet inspection capabilities

Unanswered Question
Apr 15th, 2008

Hello,

Does Cisco ASA have a capability to check packets and drop some packets with say Skype or MSN or ICQ content?


Another question: if we use WebVPN client to connect to our network through ASA, can we use some certificates for that in addition to login/password pair? I mean login will be allowed only from external PC which has some secret file with certificate known to ASA.

Thanks.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ebreniz Mon, 04/21/2008 - 09:05

Yes Cisco ASA have a capability to check packets and drop some packets.

Do you have your tunnel group configured for Certificate Authentication?

It seems you enabled the interface Outside to ask for Certificates but probably your Tunnel Group Authentication Policy is not configured to authenticate by Certificate or both Methods (AAA and Certificate)


Actions

This Discussion