Was wondering if anyone could shed any light on a situation I have.
We want to authenticate a machine connecting to our VPN infrastructure using a machine certificate AND authenticate the user with a separate user certificate (whether its stored locally or on some sort or token or smartcard) so that the logon process is seamless for the user, but we know the user is valid AND they are using a company machine.
From my testing in the lab, it looks like the Cisco VPN client can only use a single certificate.
I believe I can use the Microsoft VPN client (L2TP/IPSEC) to use both a machine and user cert, but this means I loose the ability to tunnel IPSEC through TCP which is a requirement.
Can someone please let me know if this can be done with the Cisco VPN client.