Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Determine MAC address via Cisco ASDM

Posted on 2010-09-20
2
1,469 Views
Last Modified: 2012-05-10
Hello,
I am trying to figure out how to block access from a certain remote computer to our network. The client computer sometimes connects via the VPN and sometimes only through Outlook RPC/HTTP.
The user still needs to connect to our network but I only want them to connect through a standard company issued computer they already have, not a personal one.
I tried to find the MAC address on the ASA 5520 using ASDM 6.1 when the client has an open VPN session but it seems that information is not available.
Any other way I can block access to our network from non acceptable computers?
0
Comment
Question by:tolinrome
2 Comments
 
LVL 4

Assisted Solution

by:pablomorales
pablomorales earned 50 total points
ID: 33720970
You will not be able to get his MAC address unless he is connected directly to your network. If he is connecting from the internet then you will only see packets with the MAC address of your router.

To prevent your users from using unauthorized computers via VPN you only need to change the group password and don't give it to them. If you keep the group password secret then the users will not be able to setup the client on another machine without autorization. For Outlook RPC/HTTP you will have a harder time preventing the user from connecting using other computers so you may want to force the user to connect to his email account using the VPN and block his account from using Outlook RPC/HTTP.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 200 total points
ID: 33721819
you should consider using SSL based VPN like AnyConnect.
SSL vpn lets you extend the features using Secure Desktop. You can not only ask for a username/password, but you can also interrogate the PC. Are you one of ours? Do you have AntiVirus? Is it one of these versions? Has it been updated within past 72 hours?
You can get crazy with the interrogation, or just a simple test to make sure it is a company laptop, and if not, it can only access certain things. To know if it is one of yours, you can look for a specific file in a specific location, or a specific registry key, among other options.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question