02-26-2014 06:30 PM - edited 02-21-2020 07:31 PM
Hi,
I have an ASA using certificate based vpn. I was wondering if it may be possible to allow vpn connection only if the vpn client is making use of smart card only and not OS certificates? Example client with smart card connected can establish vpn successfully while client using OS certificate without smart card connected will be denied vpn connection.
From my understanding, not too sure if this may be done using nac to scan endpoint on the device type/certificate mapping on the certificate type?
Any suggestion is appreciated.
Thanks.