Connect iPad via SSLVPN (clientless) and RDP

bberry · ‎07-16-2012

Hello,

I have been reading through the other discussions here as well as the ask the expert from last year about connecting iPads via SSLVPN specifically for creating an RDP session. I am looking for clarification to make sure that I understand everyhit correctly. The only way for an iPAD to make an RDP session is to run the full client then use an RDP client on the iPAD. This is due to the iPAD not being able to use the java based RDP plugin. The drawback here if I understand right is that the device is fully on the network with the client running. This means that any potential adware/spyware/virus/whatever would have network access because of the full client.

Is there something that I am missing or is there a way to lock things down to keep the iPAD fully off the network? Can I configure the portal to say use only specific ports to minimize this exposure? We are looking into ways to allow users to remotely connect but not allow them to use the full client. They would remotely connect through a portal to either their company asset or RDP to a terminal server for connectivity. For the windows based folks this is starting to look like a really good solution. This issue is starting to arise that more and more people are starting to get the iPADS instead of standard laptops.

Anyone addressing this with a different method or solution?

Thanks in advance ...

Brent

Tarik Admani · ‎07-16-2012

Are you using DAP policies or radius authentication? You can have the radius server hand the class attribute in order to place the client in the correct DAP policy. In that DAP policy create a logical expression for the ipad and reference a split tunnel so that rdp traffic (tcp port 3389) is permitted through is protected through the tunnel.

Hope this helps!

Tarik Admani
*Please rate helpful posts*