- Green, 3000 points or more
There are some users allowed to connect via VPN using the Cisco VPN client.
We've seen some users connecting with different clients for example: http://www.shrew.net/download/vpn
I just tried it myself.
Just download the client, import the PCF and connect to the ASA.
The question is...
The only way to prevent the VPN users from connecting with any client besides the Cisco VPN client is by setting the client-type allowed for VPN on the ASA?
The fact that anybody with a VPN profile can use another client to connect does not impose any security risks?
Shouldn't be a problem as it will use the same IPSEC protocols to encrypt/decrypt the packet. One possiblity is if it doesn't comply 100% with the standard, it can could potentially cause adverse behaviour on the ASA.