×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Limitation access with License VPN for mobile.

Unanswered Question
Dec 9th, 2013
User Badges:

Hi,


I have an ASA5520, with a premium license for SSL VPN Peers plus a license for Anyconnect Mobile.

I manage Remote VPN access by ACS server.

Can you tell me if it is possible to restrict VPN connections  with AnyConnect Mobile, just same users will have the right to use the  license anyconnect For Mobile.

If yes, premium and mobile licenses are sufficient? How can i do that by Dynamic Access Policies (DAP)?


Thanks for your Help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marvin Rhoads Tue, 12/10/2013 - 14:09
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

The Mobile license is unlimited so by itself it doesn't consume license count. If you want only some users to be able to connect via mobile for other reasons, you could use DAP.


For instance create a group for PC-based SSL VPN users, check for OS = Windows. (plus Mac and Linux if applicable). Create a second VPN group for mobile users checking that group for OS = Apple iIOS (plus Android if applicable) AND a AAA attribute (user = member of a defined group or listed by userid). You could further restrict it by device UID if you want to be that granular.


See the example here:


http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080bf4915.shtml#anc23

Actions

This Discussion