VPN Solution Requrement -HHT (Intermac CN3 & CN50) with MAC Checker Security

Unanswered Question
Jan 13th, 2010
User Badges:

We are using GPRS supported Handheld Terminals  which connects to our ERP application through VPN .
At present they are connecting  to our Cisco ASA 5520 using Remote Access VPN with username authentication.
We require a second level of Security which can check the MAC address or other criteria so that only authorized device can access through VPN.
Kindly provide us a VPN solution with necessary costing which can provide two level of security Authentications and should support HHT’s,Laptops & Desktops.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hdashnau Wed, 01/13/2010 - 18:15
User Badges:
  • Cisco Employee,

You should consider using Dynamic Access Policies with CSD. You can use this to check for a registry setting, file, certificate, AV, FW, AS etc before allowing the computer to connect. The DAP check is done at the same time you enter your username and password. You can read more about DAP and how to deploy it here:


DAP only has limited functionality with the traditional IPSec client, but has full functionality with the AnyConnect SSL vpn. The ASA comes with a default of 2 free licenses for testing. If you need additional licenses, you can purchase them by emailing [email protected] or contacting your account team or reseller. The licenses come in two forms (essential and full) -- you would need the full license to be able to do DAP as it is not supported with the essentials license.


This Discussion