Authenticate computer

Unanswered Question
Sep 16th, 2009

I have ASA 5540, it is used for IPSEC connection.

I want the employees for our compagny use only the corporate laptop to connect by IPSEC VPN to our corporate network, not from their personnal laptop.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
neoxbusnext Tue, 09/22/2009 - 08:47

Can you try use IKE Phase 1 with Certificate? And your corporate laptops restrict with your corporate Certificate.

hope its help

auraza Tue, 09/22/2009 - 11:03

Certs, you could use as the other poster mentioned, however a savvy user would be able to export the cert and use it on another PC. You would have to use something like Cisco CleanAccess in conjunction to get some sort of functionality.

The other option is to use AnyConnect SSL VPN client, which would allow you to use CSD (Cisco Secure Desktop) which can check the machine to see if it is corporate machine or not.

PS. if this post was helpful, please rate it.

Actions

This Discussion