ASA 5510 v8.0(3)
I've got our ASA SSL/VPN set up with an AAA server (using LDAP) and users can log in just fine.
The only thing we have it configured for is to use the RDP plugin. We got a couple of bookmarks set up that send the users to internal Windows 2003 terminal servers. That works fine.
Now, I'm trying to get the auto signon feature to work properly. (We don't have SiteMinder or the SAML profile.) If I understand this right, I don't need those two third-party features to get this working. Is this correct?
All I've done is add the following commands:
webvpn
enable outside
enable inside
tunnel-group-list enable
auto-signon allow ip 10.10.1.0 255.255.255.0 auth-type ntlm
According to the ASA 8.0 Configuration guide, that should do it. But when I access one of our bookmarks, it connects just fine, but still prompts for the username and password. I've configured the group policy to inherit the auto sign settings (and pretty much everything else).
Can someone maybe recommend something I may be overlooking here? Do I need to configure something further on my terminal server that accepts this NTLM request?
------------------
A little more info: When I don't enable the auto signon, the RDP plugin works just fine and I can easily get the sign on screen to my terminal server. However, when I enable anything in the auto signon, the RDP client launches, but it stays as a tiny little box in the center of the screen and it'll eventually time out and close. This little tiny box isn't expandable either. I've tried debugs, but don't see anything. No errors on the terminal server itself either.