Clientless SSL VPN and certificates

Unanswered Question
Jul 28th, 2010

Hi all,

At our company we currently use the clientless SSL VPN Portal to grant users access to webmail and certain tools from the outside.

Is there anyway to implement a check into the login process to check for a computer certificate we will place on company laptops/machines?

I know that during the login process the access group is checked, as well as the group policy. But im not sure if certification checking is in any way possible.

Thanks for your input!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rahul Govindan Wed, 07/28/2010 - 06:38

Do you mean authenticate using a certificate or just checking if a certificate is present during login?

Certificate authentication can be done by selecting the authentication method for clientless as certificate instead of aaa. The client cert has to be installed in the browser store of the PC.

For the second option, using endpoint assessment could be used I guess. You can check the following link if it helps:

http://www.cisco.com/en/US/docs/security/csd/csd_32/configuration/guide/CSDJtuto.html#wp1104260

Actions

This Discussion