Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
0
Helpful
1
Replies

Cisco VPN Client - enforce remote access device to be corportate

d.novakovic
Level 1
Level 1

‎01-23-2009 11:14 PM - edited ‎03-10-2019 04:18 PM

Hi

i look for a solution to check if a connecting remote access client device is corporate device or not before the vpn connection is permitted.

I want to use the standard Cisco VPN Client (IPSEC) and use the "IPSEC-over-TCP" feature and change the IoT-Port from 10000 to 443 so clients only need TCP443 to start an full IPSEC connection.

This ssl-vpn trend is to expensive (licensed per concurrent users.. BOAHH!).

I want the users to use GINA (start vpn before windows logon) and login after successfull vpn to their windows domain so that login scripts can work and network drives are mapped.

But how to ENFOrCE that it must be a corporate device and the users dont install vpn client on a private device?

Thank you

Labels:
0 Helpful
1 Reply 1

Collin Clark
VIP Alumni
VIP Alumni

‎01-26-2009 06:33 AM

This should give you a starting point.

http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xa/gt_802_1.html

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents