asked on

Prevent Anyconnect VPN client from connecting while on LAN.

Details:
Cisco ASA 55xx firewall
Anyconnect client: 4.2

Infrastructure. Wired and Wireless

Wireless is on a separate network from LAN all together. Often people take laptop from desk and connect to the wireless. When they return to their desk, connect to the LAN via docking station , they stay on the VPN. Any way to configure the ASA to tell the Anyconnect client either to:
1) IF on LAN, do not connect.
2) IF connected on VPN, and LAN is detected, disconnect.

Thank you.

ASKER CERTIFIED SOLUTION

masnrock

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

Bryant Schaper

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

Natty Greg

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

Pete Long

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

masnrock

@Pete - You'd be amazed how many people I've seen who work remotely a lot keep trying to connect to the VPN when they're in the office out of habit. Naturally, there's no reason to connect to your own VPN when you're inside the network, but I've seen it happen a lot (and had gotten enough support calls for it over time). I've generally seen it happen by way of the loopback rule, because generally IT is not going to configure a VPN device to take connections from the inside interface.

masnrock

Answered sufficiently

PT Guy

ASKER

You can lead a horse to water, but you can't force it to drink!