We want to add certificate authentication to our SSL Anyconnect VPN configuration. We use Windows CA to create a custom VPN certificates from a template.
So far so good. Users with the certificate can authenticate just fine. The problem is, that users that have a default user certificate from the CA can also login. How can I prevent this? Only users with a certificate issued from the VPN template should have access to it.