View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0129 - SSL VPN AnyConnect Dynamic Access Policy (DAP) (Part 2)

No votes yet
Difficulty Level: 
Lab Document: 
<Please login to see the content>
Video Download: 
Title: SEC0129 - Video Download $10.00
Purchase SEC0129 - Video Download $10.00
The video shows you how to utilize the endpoint posture information gathered during a host scan to enforce access to Cisco ASA AnyConnect VPN through Dynamic Access Policy (DAP). We will perform various checks on the status of client Antivirus software and firewall combining with the pre-login policy results from the previous lab and alter VPN access accordingly. You will learn the effect that DAP has on both AnyConnect client and clientless VPN.
Part 2 of this video validates our DAP configuration with client testing
  • Dynamic Access Policy (DAP)
    • Antivirus, Firewall, Process Check
  • Host Scan and Pre-Login Policy

About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at, Metha enjoys learning and challenges himself with new Cisco technologies.


Hello Metha,

Thank you for the video! I have a question about the DAP policies order in ASDM; in which order the policies are applied? In ASDM I see alphabetically; however, on CLI, when I issue 'debug menu dap 2' command, I see another order. What is the best way to add policies in an order?



Lab Minutes Classifieds


Vote for the Next Video Series
Firepower 6.6
DNAC 2.1
ISE 3.0
ACI 4.x
Total votes: 46