[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Determine MAC address via Cisco ASDM

Posted on 2010-09-20
2
Medium Priority
?
1,500 Views
Last Modified: 2012-05-10
Hello,
I am trying to figure out how to block access from a certain remote computer to our network. The client computer sometimes connects via the VPN and sometimes only through Outlook RPC/HTTP.
The user still needs to connect to our network but I only want them to connect through a standard company issued computer they already have, not a personal one.
I tried to find the MAC address on the ASA 5520 using ASDM 6.1 when the client has an open VPN session but it seems that information is not available.
Any other way I can block access to our network from non acceptable computers?
0
Comment
Question by:tolinrome
2 Comments
 
LVL 4

Assisted Solution

by:pablomorales
pablomorales earned 200 total points
ID: 33720970
You will not be able to get his MAC address unless he is connected directly to your network. If he is connecting from the internet then you will only see packets with the MAC address of your router.

To prevent your users from using unauthorized computers via VPN you only need to change the group password and don't give it to them. If you keep the group password secret then the users will not be able to setup the client on another machine without autorization. For Outlook RPC/HTTP you will have a harder time preventing the user from connecting using other computers so you may want to force the user to connect to his email account using the VPN and block his account from using Outlook RPC/HTTP.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 800 total points
ID: 33721819
you should consider using SSL based VPN like AnyConnect.
SSL vpn lets you extend the features using Secure Desktop. You can not only ask for a username/password, but you can also interrogate the PC. Are you one of ours? Do you have AntiVirus? Is it one of these versions? Has it been updated within past 72 hours?
You can get crazy with the interrogation, or just a simple test to make sure it is a company laptop, and if not, it can only access certain things. To know if it is one of yours, you can look for a specific file in a specific location, or a specific registry key, among other options.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question