I have SSL VPN connectivity up and running on several ASA's, but I don't want my users to be able to login from anywhere or from any pc. I would essentially like to disable the clientless aspect of SSL VPN so that users can only login if that have the software preinstelled.
I'm currently using a local CA truspoint, and I know I could get around this issue by only allowing users to connect who have a valid certificate already installed on their machine, but I'm looking for a quick easy win for the short term.
If I remove the svc image statements from the config, or remove svc enable, the device refuses to authenticate me.
Thanks in advance.