The Cisco ASA remote access VPN server must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the network.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-239970 | CASA-VN-000460 | SV-239970r666316_rule | Medium |
| Description |
| STIG | Date |
| Cisco ASA VPN Security Technical Implementation Guide | 2024-08-22 |
Details
| Check Text (C-43203r666314_chk) |
| Verify that the ASA is configured to display the Standard Mandatory DoD Notice and Consent Banner before granting remote access to the network as shown in the example below. group-policy GROUP_POLICY_ANYCONNECT attributes banner value I've read & consent to terms in IS user agreem't. If the ASA is not configured to display the Standard Mandatory DoD Notice and Consent Banner before granting remote access to the network, this is a finding. |
| Fix Text (F-43162r666315_fix) |
| Configure the ASA to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the network as shown in the example below. ASA3(config)# group-policy GROUP_POLICY_ANYCONNECT attributes ASA3(config-group-policy)# banner value I've read & consent to terms in IS user agreem't. ASA3(config-group-policy)# end |