We have a PIX 515E and clients conencting remotely using Cisco VPN client 5
1. How can I display a message box when thsy connect with some text in it that they have to agree to? and if they don't can they get disconnected
2. Users are prompted for their domain credentials when conencting. The PIX then forwards this to an internal IAS/Radius server to verify username and password and the remote access policies- user group, time etc. Is it possible to also authenticate them according to known MAC addresses? I'd like to be able to only have known PCs connecting so software cannot be installed on home PCs etc.
Thats it for now. Thanks in advance for any info given.
Here are some answers altough you might not be happy with them:
1: Never seen it, I do not think this is possible. What you want typically covered by a "usage policy" that the users must agree with before being provided with a login.
2: The verification that you want can be realized by using certificate authentication. On connection setup both ends are authenticated and the parameters for this may include certain system-specific options.
Drawback: installing and maintaining a CA environment is more complex than straight forward aaa authentication.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...