Link to home
Create AccountLog in
Avatar of psherry
psherryFlag for United States of America

asked on

Cisco AnyConnect security concerns

Hi,

I was hoping someone could straighten me out on something that I can't get straight in my head.

If I set up an SSL VPN using AnyConnect, the functionality of AnyConnect will deliver the certificate to any client that connects to it - asking only for a username and password.

Doesn't that do away with one layer of protection?  The requirement of the client to have the certificate in order to be able to connect?

Now, anyone with the address of my VPN server and username and password can connect?

How can I restrict access to only allowing computers that I want to allow?

What am I missing?

Thanks,
Paul
ASKER CERTIFIED SOLUTION
Avatar of asavener
asavener
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of psherry

ASKER

That was exactly the information I was looking for - Thank You!