Hi,
Thank you for your works.
I was given a windows laptop with Anyconnect client to connect to the
VPN server.
There is an registered unique ID (i suppose
endpoint.anyconnect.deviceuniqueid) that was made when the windows
client was connected for the first time.
So before that the filter was applied, using Openconnect on Linux to
connect to Cisco/ASA SSL VPN does work.
But today, the admin to secure better uses DAP of Cisco/ASA, to filter
by that unique ID. I have that ID.
It seems that it uses |%ASA-7-734003|.
From [1], there are various options that can be given.
Openconnect does not give some options when connecting into the ASA logs
: it does not give that ID when logging. i do not see these informations
into the ASA logs.
But AnyConnect client on a Windows station give to ASA logs some
endpoint options as :
- endpoint.anyconnect.deviceuniqueid
- endpoint.anyconnect.macaddress
- endpoint.anyconnect.address
- etc
What i would like to use is to give the option of
endpoint.anyconnect.deviceuniqueid when running openconnect.
I am not it is implemented, isn't it ?
If yes, which option could i use ?
If not, do you think that option could later be added ?
Actually, i can use the 8.05, 8.06 and Git version.
Thank you in advance for return.
y.
1 :
https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog/syslogs9.html
|
//|
_______________________________________________
openconnect-devel mailing list
openconnect-devel@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/openconnect-devel