cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1488
Views
0
Helpful
1
Replies

clientless SSL VPN port-forwarding anomaly

waldemar45
Level 1
Level 1

Hi,  we are running a CISCO ASA 5540 for clientless ssl vpn services.  We would like to run applications remotely using port-forwarding feature.  The applications only require a single tcp port to the target server for operation and the requirement is that the apps should not be reconfigured to work remotely from their configuration at work.

So I've setup a port forward thus:  local 1234 remote server xyz.abc.com remote port 1234

Now,  on the client end the the tunnel is formed ,  as shown by the application access window.  However,  the local connection shows localhost:1234

If I change the clients local host file to point (for testing),  I can run the said application remotely which verifies the the tunnel integrity & I can see packets in the application access window.

Now,  we've got 100's of clients so a manual reconfigure of the client's host file isn't an option for us.  The anomaly I mentioned is that whilst experimenting with this,  my laptop suddenly showed the local connection the same as the remote in the tunnel.  This is obviously the way we would like it to work,  & it was confirmed to work.  With the tunnel app window open, xyz.abc.com resolved to localhost and the app worked remotely,  to check, with the tunnel disconnected xyz.abc.com then resolved to its normal public ip.  That's great,  however I can't reproduce this in any of our other client's

1 Reply 1

Atri Basu
Cisco Employee
Cisco Employee

It appears as though this feature doesn't work for any client whose host file hasn't been changed. if this is the case, I would suggest you open a TAC case and have an engineer look at the problem. If it is working for one client,  I doubt that it will be a configuration issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: