ASA 8.2.1: Block VPN users with certain reported DDNS names?
Platform: Cisco ASA 8.2.1.
Please consider the log line below:
Dec 3 04:03:56 ciscoasa %ASA-7-715053: Group = mygroup, Username = jdoe, IP = 192.168.1.2, MODE_CFG: Received request for DHCP hostname for DDNS is: zzhostname!
Would it be possible in the ASA configuration, in some way, to *disallow* a user from connecting to the ASA if their hostname did not contain "zz" or some other arbitrary string? I know that the ASA can use a group policy to verify client OS and version, but we would like to device a way to block certain reported DDNS names.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...