Solved: Restrict Certain SVC Clients from Connecting to VPN

MrPrince1979 · ‎04-07-2010

Hi,

I’d like to know if it’s possible to restrict which version of SVC it’s possible to allow for remote users to connect to my AnyConnect VPN. I know it’s possible with IPSEC clients – i.e.

group-policy [policy_name] attributes

client-access-rule 1 permit type WinNT version 5.0.05.0290

client-access-rule 2 deny type * version *

exit

Is there something similar for SVC ? Thanks.

Jennifer Halim · ‎04-08-2010

Unfortunately there is no client-access-rule restriction with anyconnect client.

However, only anyconnect image/version that you install on the ASA will allow user to connect.

View solution in original post

Jennifer Halim · ‎04-08-2010

Unfortunately there is no client-access-rule restriction with anyconnect client.

However, only anyconnect image/version that you install on the ASA will allow user to connect.

scratchy1 · ‎04-08-2010

Agree

scratchy1 · ‎04-08-2010

yes

MrPrince1979 · ‎04-08-2010

So only the people\clients with the image specified as: svc image disk0:/anyconnect....pkg are able to connect? What would happen if they had an older version wouldn't the ASA upgrade them automatically?