Differentiate the machines connecting via AnyConnect

My users use AnyConnect to make access to remote VPN connections to Headquarters through an ASA5520.  Currently, VPN users have very few privileges because we allow users to connect using their personal computers and RSA tokens.

I need to find a way to determine if an AnyConnect client connects a laptop to company-owned/maintained/patched or other devices.  I want to give a full network for mobile phones of the company access while continuing to restrict access to home machines.  So far, the only idea I have is to use DHCP and associate company laptops MAC addresses with addresses is a range of subnet privielged.

Someone at - it any other ideas?  Is there a software solution that I can load on mobile phones of the company that could help?  Y at - it all capacity of FAC that helps?

Thank you.

Hello

The best way to go here is DAP:

http://www.Cisco.com/en/us/products/ps6120/products_white_paper09186a00809fcf38.shtml

Tags: Cisco Security

Similar Questions

  • Is there a way to see the ip address of the devices connected via the airport?

    Hello world

    Is there a way to see the ip addresses of the devices connected via the airport? I can see the name of the devices but not what ip are they?

    Thanks in advance.

    Open AirPort Utility

    Hold down the option on your Mac so you double-click on the image of the AirPort router

    Wireless clients are displayed

    Click on the small arrow next to each wireless client to see details about the device and the connection

  • Can not see the road when connected via AnyConnect

    We have just added a new subnet to our network. The vlan is to the top and to the top and we have network connectivity to the servers a few we just added to this vlan. When a user connects to the network via anyconnect VPN, the new subnet does not appear in the Windows routing table and therefore is routed out of the default route, and disappears in the clouds of the ISP. All other existing subnets show in the routing table. Any thoughts?

    New subnet - 10.40.10.0/24

    IPv4 routing table
    ===========================================================================
    Active routes:
    Network Destination gateway metric Interface subnet mask
    0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.26 25
    10.10.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.10.255.255 255.255.255.255 on binding 192.168.15.1 257
    10.11.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.11.255.255 255.255.255.255 on binding 192.168.15.1 257
    10.15.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.15.255.255 255.255.255.255 on binding 192.168.15.1 257
    10.20.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.20.255.255 255.255.255.255 on binding 192.168.15.1 257
    10.30.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.30.255.255 255.255.255.255 on binding 192.168.15.1 257
    10.101.0.0 255.255.0.0 192.168.15.1 liaison 2
    10.101.255.255 255.255.255.255 on binding 192.168.15.1 257
    38.100.196.194 255.255.255.255 192.168.1.254 192.168.1.26 26
    127.0.0.0 255.0.0.0 127.0.0.1 on route 306
    127.0.0.1 255.255.255.255 127.0.0.1 on route 306
    127.255.255.255 255.255.255.255 on-link 127.0.0.1 306
    172.17.0.0 255.255.0.0 192.168.15.1 liaison 2
    172.17.255.255 255.255.255.255 on binding 192.168.15.1 257
    192.168.1.0 255.255.255.0 on 192.168.1.26 route 281
    192.168.1.26 255.255.255.255 on 192.168.1.26 route 281
    192.168.1.254 255.255.255.255 on 192.168.1.26 route 26
    192.168.1.255 255.255.255.255 on 192.168.1.26 route 281
    192.168.15.0 255.255.255.0 on binding 192.168.15.1 257
    192.168.15.1 255.255.255.255 on binding 192.168.15.1 257
    192.168.15.255 255.255.255.255 on binding 192.168.15.1 257
    224.0.0.0 240.0.0.0 on-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 on 192.168.1.26 route 281
    224.0.0.0 240.0.0.0 on binding 192.168.15.1 257
    255.255.255.255 255.255.255.255 on-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 on 192.168.1.26 route 281
    255.255.255.255 255.255.255.255 on binding 192.168.15.1 257
    ===========================================================================
    Persistent routes:
    None

    IPv6 routing table
    ===========================================================================
    Active routes:
    If metric network Destination Gateway
    16 58: / 0 sur-lien
    ===========================================================================

    Hello

    This new subnet that has been added to the configuration, also added to the AnyConnect split tunneling configuration?

    It won't show himself on the AnyConnect client unless the part of the split tunneling list to reach through the tunnel.

    Federico.

  • slow when they are connected via anyconnect VPN, ASA OS 9.0

    Hi guys

    My users are complaining that they are experience slowness when they are connected via vpn anyconnect for ASA os 9.x, 5 Mb files tikes 15 mts rough with them, even if these users also have a connection broadband on their place

    any guy insight

    Thank you

    Hi Ibrahim.

    My first suggestion to you is to follow the recommendations of Cisco, associated with latency problems.

    hostname (config) #-group attributes policy
    hostname (config-Group-Policy) #webvpn
    hostname (config-group-webvpn) select #svc dtls
    hostname (config-group-webvpn) #svc df-bit-ignore enable
    hostname (config-group-webvpn) #svc routing-filtering-ignore enable
    hostname (config-group-webvpn) mtu #svc 1200
    hostname (config-group-webvpn) #svc compression no

    (a more recent version, you can use the command "anyconnect" instead of "svc")

    If after this the problem persists please let me know when is the right time to reproduce the problem and collect the balls, debugs and catches. I also need the current configuration of the SAA (see technology in a txt file)

    Kind regards

    Aditya

    Please evaluate the useful messages.

  • Vista host with internet access attached usb must be shared with the machine connected by ethernet xp

    Help I have something overlooking simple went through all the stages of preparation for machines as well as differences in networking. He had twice right, but when the internet connection is broken (my blackberry), something is not right on reconnect.

    Are you asking how to enable Internet connection sharing on the host of Vista?  If so:

    1. Go to Control Panel > network and sharing Center .
    2. Click manage network connections .
    3. Right click on the USB connection.
    4. Click on Properties .
    5. Click sharing .
    6. Put a checkmark in the Internet connection sharing box.

    Boulder computer Maven
    Most Microsoft Valuable Professional

  • Satellite P300-133 - how to use the internet connection via BlueTooth

    Hello

    I finally solve my problem with the synchronization via bluetooth between my P300-133 and my [HTC | http://www.htc.com/europe/product.aspx?id=15674] with Windows Mobile 5 - with step by step instructions of Toshiba.

    But I don't know how to use the Internet via BT, I tried many ways, one of them was to create a PAN with P300 as server - correctly connected HTC to P300, but it seams I can share internet with P300 as a gateway. And I want to do the opposite - get internet from my mobile to the computer (while she is away from all the cables). I'm not sure this PAN in the right way...

    The question of the other and less important is to be able to share that connection with your laptop via bluetooth - I guess that this must be done through Pan

    Thanks for any help.

    Bartek

    You found a solution to this?

  • stretching from the internet connection via a wired ethernet cable

    Hello

    First time poster. I have a netgear R8000 Nighthawk on my 2nd floor. I intend to use an ethernet cable connected to the R8000 and bring it downstairs in my living room. My question is, is - it possible to be able to connect the ethernet cable in the living room to another router and then connect up to 3 devices (apple computer, smart tv, tv) via ethernet cables? I prefer wired connections. I am aware that I can use as the EX7000 netgear router as access point, but other devices may only be connected wirelessly.

    Any help would be appreciated

    Thank you very much!

  • The MX892 connects via a USB cable

    Even if it is a wireless printer, can I leave the usb cable connected and to the implementation of a wireless system?

    Hi Zenjoo, thanks for posting!  The PIXMA MX892 can be connected to the computer via a standard USB, as well as be connected wireless printer cable.  Please note that the printer is not equipped with a USB cable, you can use the cable of your old printer off, or provide your own.  We hope this helps!

  • VISA can not find the oscilloscope connected via Ethernet (LAN)

    Hello

    I'm using Labview 8.5.1 and installed 4.5 VISA. I connected my computer to an oscilloscope Agilent DSO5014A via the ethernet cable. I installed the driver (I even tried the 2 versions found here http://sine.ni.com/apps/utf8/niid_web_display.model_page?p_model_id=10256).

    In "Measurement and Automation Explorer" However, after clicking on 'Devices and Interfaces' and then 'new', the device is not automatically found and manual entry of the IP address is not more successful. (I checked that my Ethernet port works and cable as well)

    Any idea?

    Well, IP - thing seems to be linked to the AGILENT driver. Sorry, but I have no opportunity to test it, because I don't have one of these scopes. By the way: great synchronization

    Best regards from Munich

  • BlackBerry Smartphones Blue error screen when the "BOLD" connection via port USB for Windows Server 2003

    I try to activate a new blackberry 9000 "BOLD", the first time I plugged the server he was immediately recognized and installed. I selected add new device of the user and the activation process started, but about 1 min in the activation I got a blue screen error stop 'driver of bugcode_usb.'

    After restarting the server I reconnected the "BOLD" to the server and once more Windows he acknowledged and began the installation process, this time however, the VM didn't pick it up and I had to click on VM > removable devices > usb devices to start the process of installing how he immediately provoked the stop error blue screen again.

    We run BES 4.1.4 on Windows Server 2003 in a virtual machine (VMWare 1.0.4) environment

    Does anyone have any suggestions? I don't want to plug it back for fear of crashing the BES server again.

    have you tried wirless EA?

  • To connect to the PC - tab 8W - not seen when connected via USB - Help!

    My new 8W tab is not seen by the PC connected via USB. Both are Windows 10. Help!

    Out of curiosity I will pick up an OTG cable and let you know the result!

  • UDP connection via wifi in the name of 8320 tunnel met IOException:Invalid

    I am new to Java, trying to open a UDP connection on wifi in my BB8320 (V4.2.2.180).

    I have connected to my 8320 to a WiFi network and that you can access Web page in the browser (configuration: Wi - Fi browser).

    I tried with: Connector.open (DatagramConnection) (datagram://192.168.1.101:5009) and Connector.open (DatagramConnection) (udp://192.168.1.101:5009), but all got IOException:Invalid name of the tunnel.)

    Here's my Mobile Network Options in the camera: Data Services - on; Connection preference - Wi - Fi only.

    The same code works fine in the emulator, tested in a wired network.

    I googled this IOException, it seems that the TCP APN cannot be null, I tried with blackberry.net cmnet, wap.voicestream.com and even the name of the Wi - Fi connection, everyone met time-out problem.

    I have some questions below:

    1. is there any configuration that I missed?

    2. the UDP connection via wifi check the AFN? The APN configured in the emulator is null.

    3. do UDP and TCP connection API need permission in the device?

    Appreciate for any suggestions!

    Sam

    I did in the past, and IIRC the trick was to add: «;» interface = wifi; deviceside = true"to your connection string. for example:

    Connector.Open ("udp://192.168.1.101:5009; interface = wifi; deviceside = true ")"

  • SP2309W won't go into energy saving mode when connected via HDMI

    Hello

    I just got 2 SP2309W, and I love them, the only problem I encounter is just one of them (the one connected via HDMI) is not in power saving mode, even when I turn off my laptop. Is anyone else having the same problem?

    I have connected the monitor via VGA and DVI and the energy saver works fine but it does not work with HDMI

    I have a XPS 1530, Intel Core 2 Duo processor T9300with a 256 MB NVIDIA GeForce 8600 M GT video card.

    My XPS has a HDMI and VGA input so I have a monitor connected via VGA and the other via HDMI and even when I go around, always one connected via HDMI is not in the standby power mode even if the laptop is turned off (or when he goes to sleep).

    Thanks for your help,

    Ivan

    We left three SP2309Ws on all night to disconnect the HDMI cable and in STFC mode and came this morning to see the message from MONIQUE always there. They all didn't say, 'no HDMI cable. This is normal. In fact, we have tested on several other models of monitors and they all do the same thing.

  • Windows 7 will not recognize or sync Pocket PC which is connected via usb

    Hello

    I am trying to sync my Pocket PC data (Pal my ASUS a686) on my computer (Windows 7 Enterprise). I think that if you had Windows XP, we would use Active Sync. However, it's windows 7, so I think that I use Windows Mobile Device Center. In fact, I used the center of the device before, but it has been a week to try to download the data again and it no longer works. He is very picky. But we need our data and cannot wait for the day that he decided to download.
    So I uninstalled the center of the device (the tip of a chat room) and now I can not re - load it. However, before I even uninstalled, the problem returning to the top, it was my computer does not recognize the device connected via usb.
    Code 43 continues to come does not recognize this device. And yet it is plugged. I keep trying to restart, plug the unit in different orders, send good energy, etc.
    I did a soft reboot of the pocket pc the last time, but that makes you lose all data on the pocket pc and we cannot lose this data. Finally, it is for the eco-counter software. When it worked, I hit the sync button and the data were downloaded. Now... He says just connect me please my pocket pc when it is connected. Why!
    Thank you
    Cole

    On the Pocket PC, try going to "start |" Settings | Connections | USB to PC"and unchecking the checkbox"Enable advanced network functionality. "

    HAL

    --

    HAL Hostetler, TCE

    Engineer senior/UPDATED--MS MVP-Print/Imaging - WA7BGX

    www.kvoa.com - KVOA television, Tucson, AZ.

    Live Hot Licks -www.badnewsbluesband.com

  • Can trying to set up my machine engraving via XP... anyone help?

    I am new to VMware and will have set up a small engraving machine. I installed the software drivers, everything should be set, but I can't the environment of Windows XP in order to 'see' the engraving machine. I have the machine connected to my wireless router, but can also connect to my Mac with a crossover cable.

    Where can I go for help? All reviews are much appreciated!

    Looks like the engraving machine is a network device, is that correct?

    Your XP virtual machine can connect to the internet in general?

    Have you tried to use the bridged network (types of circuit-switched network requires XP get a new IP address, the best way to proceed is to rebooot XP)?

Maybe you are looking for