Clientless SSL VPN

janakamolagoda · ‎02-24-2009

Hi i have configured web vpn on cisco asa 5510, and able to access Exchange server for OWA.additionally i have Fortigate and fortinalyzer in the same inside lan same as exchange server.However i cannot access them.when access fortinalyzer, login page appear, uopn log in it display server unavailable.in the case of Fortigate, it doesnot evenprompt the log in screen.(Fortigate firewall operate as transparent proxy).I just need to know where ASA web VPN support only web servers and not every HTTP(S)or i am missing some thing.

Please help.

auraza · ‎02-26-2009

What is the version of the ASA you're running?

janakamolagoda · ‎02-26-2009

Hi,

It is ASA Version 7.2(3)

auraza · ‎02-26-2009

Clientless functionality on that version was quite limited, and as there is re-writing involved, it can cause issues. 8.0 has much improved clientless functionality and may be worth a look, however, it does require you to buy additional licenses, as only 2 are allowed by default, unless you already have bought licenses for webvpn.

Let me know if that helps.

janakamolagoda · ‎02-26-2009

Thanks for the advise,

we will buy additional license later if this success.My problem is why i cannot access fortigate where as i can access exchange OWA.

is it something to do with SSL cert or Fortiget block traffic from ASA.(Both Fortinet and exchange server in the same segment)

Regards,

auraza · ‎02-27-2009

The only thing I can think of is that the Fortigate is not allowing the traffic from the ASA. I have never worked on a Fortigate, but make sure you are allowing management of it from the ASA's internal IP.