On your connection profile editing window, go under "advanced". There you have the option of specifying a secondary authentication method independent of the primary method. Using that approach, you can specify certificate method for both authentications.
As noted, you could also have a prelogin policy (DAP) to check for various files (or even their hash for greater security) registry keys, etc. For instance, you could check that the machine is a domain machine (independent of the user).
I am trying to implement dual authentication (ldap + computer certificate) base. Currently "LDAP" authentication is perfectly fine but when I am going to implement computer certificate base authentication, so anyconnect showing some error, now it is requested to you kindly send me any URL for the reference "how to implement" or guide me.
I have a ASA5520 and now it is possible to connect to Anyconnect using ether user/pass or machine certificat. But how do i set it up so, that it first check the mashine certificat, and if it is not pressent then it ask for user/pass ?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...