Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Restrict Anyconnect VPN access

I recently upgraded our VPN remote access clients to AnyConnect, now everybody in the organization can access the VPN. I was wondering is there is a way to block everybody and give access to who we want to give access to.

Also, I like to know how to stop VPN clients’ user from moving information (files/folders) between the remote PC (pc been access) and the pc they are access VPN from.

3 REPLIES
VIP Green

Restrict Anyconnect VPN access

how is your authentication set up? are you using locally defined users or are you using a RADIUS / TACACS+ server?

Do you want to allow users to connect but be restricted to what they can access?

Normally you would use group policies for these types of restrictions.

As for  preventing files/folders from being copied from a PC , as far as I know this is not supported by the ASA.  You would have to implement some sort of data loss prevention technology (DLP) for this.

--

Please rate all helpful posts.

--

Please remember to rate and select a correct answer
New Member

Restrict Anyconnect VPN access

we are using LDAP for authentication.

no, i do not want the users to connect to the ASA at all. is this posible? i want only those who we allow to connect and not the entire organization as it is now.

VIP Green

Re: Restrict Anyconnect VPN access

I do not think it is possible to stop users from connecting to the vpn, but it is possible to prevent them from logging in.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/selected_topics/enforce_AD.html

For data loss prevention (stopping people from copying files), you could implement Cisco Secure Desktop (CSD).  This will initiate a virtualized desktop when the user connects to the AnyConnect SSL VPN and/or Clientless SSL VPN.

http://www.cisco.com/en/US/docs/security/csd/csd311/csd_for_asa/configuration/guide/CSDJntro.html

--

Please rate all helpful posts

--

Please remember to rate and select a correct answer
344
Views
0
Helpful
3
Replies
CreatePlease to create content