Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1100
Views
0
Helpful
4
Replies

Bookmark not logging in

ticketreturn
Level 1
Level 1

‎11-27-2012 12:46 PM

I've configured an ASA5505 with clientless SSL VPN access. I see that the user is authenticated in my Active Directory, and the bookmark with the RDP connection is available. The bookmark URL contains

10.10.20.46/username=CSCO_WEBVPN_USERNAME&password=CSCO_WEBVPN_PASSWORD&CSCO_WEBVPN_MACRO1

When I click on the bookmark, I get to the server, but the user isn't logged in; the user name & password fields are blank & the message under the fields has Log on <domain name>. The Auto Sign-On server is enabled, and in the Smart Tunnel Auto Sign-on I checked the Use Windows domain name with username. The Terminal Server is W2k8 Data Center Edition - VMWare 4.0.

Cannot seem to figure this one out. Any suggestions are appreciated.

ASA Version: 8.4(4)1, ASDM Version: 6.4(9)

Also, the CSCO_WEBVPN_MACRO1 is configured to get the Department value from the Active Directory. I don't know if this is working or not. Is there a way to verify it?

Thanks for the help.

Labels:
0 Helpful
4 Replies 4

Javier Portuguez
Level 9
Level 9

‎11-28-2012 12:02 AM

Hi Sam,

Please check this out:

https://supportforums.cisco.com/message/3749055#3749055

HTH.

Please rate any helpful posts

0 Helpful

ticketreturn
Level 1
Level 1
In response to Javier Portuguez

‎11-28-2012 08:43 AM

That helped tremendously. Thanks.

Also, I found that another admin had configured terminal services login to not recognize the parameters being passed. Once that was changed, along with the other hints from the mentioned article I made good progress.

I still have the issue of the CSCO_WEBVPN_MACRO1 parameter. The server is configured to automatically start a program looking for a value, but it isn't receiving it. Right now I just have &CSCO_WEBVPN_MACRO1 in the bookmark, do I need something like parameter=CSCO_WEBVPN_MACRO1? or is it the variable name from the program?

Thanks again.

0 Helpful

Javier Portuguez
Level 9
Level 9
In response to ticketreturn

‎11-28-2012 09:03 AM

Dear Sam,

I am glad to hear you found it helpful.

The CSCO_WEBVPN_MACRO1 is the parameter, but to be honest I do not think the specific "program" attribute would work.

What are you defining in the Macro?

HTH.

Please rate any helpful posts

0 Helpful

ticketreturn
Level 1
Level 1
In response to Javier Portuguez

‎11-28-2012 10:14 AM

So I don't do anything like '?parmx = CSCO_WEBVPN_MACRO1' in the bookmark?

I want to populate the field with an value from my AD, associated with the user login.

In Remote Access VPN -> AAA/Local Users -> LDAP Attribute Map I defined an entry (MyMacro) for Department = WebVPN-Macro-Substitution-Value1

In my bookmark -> Advanced Options I set the URL method to Post & added a Post Parameter associating MyMacro to the value for CSCO_WEBVPN_MAVRO1.

I think I can modify the MyMacro rntry in the LDAP Attribute Map to use a static value rather than a AD value for testing purposes, to see if it is infact being passed to the program. At minimum this should indicate if I'm not getting the value from the AD.

0 Helpful
Customers Also Viewed These Support Documents