cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3417
Views
0
Helpful
1
Replies

CSD pre-login policy checking with clientless VPN

achen2000
Level 1
Level 1

I'm testing the CSD pre-login policy checking while I'm using the clientless VPN. I found that if the java is not detected then I'll the this information, "Weblaunch for Cisco Secure Desktop was unsuccessful. If you wish to manually start the Cisco Secure Desktop, you may download a native Cisco Secure Desktop launcher."

But below it, I also see "or Login using the link below (some resources may be unavailable):
    Login"

It means that I can bypass the CSD pre-login policy checking if the JAVA is not installed.

Is this right? or do I miss anything?

1 Accepted Solution

Accepted Solutions

csiszerakos2
Level 1
Level 1

You can use Dynamic Access Policies (DAP) to make additional checks. These checks use CSD and if CSD is not running (or bypassed) the DfltAccessPolicy is applied. You can set it to terminate the connection and show a message to the user. Before the DfltAccessPolicy you have to have a permissive policy where you check something which is always true (e.g. the all kind of OSes) and set the action to continue.

If you have not only clientless connections additional tunning may be required.

Update:

A good docs about the CSD existence check:

https://supportforums.cisco.com/docs/DOC-8283

View solution in original post

1 Reply 1

csiszerakos2
Level 1
Level 1

You can use Dynamic Access Policies (DAP) to make additional checks. These checks use CSD and if CSD is not running (or bypassed) the DfltAccessPolicy is applied. You can set it to terminate the connection and show a message to the user. Before the DfltAccessPolicy you have to have a permissive policy where you check something which is always true (e.g. the all kind of OSes) and set the action to continue.

If you have not only clientless connections additional tunning may be required.

Update:

A good docs about the CSD existence check:

https://supportforums.cisco.com/docs/DOC-8283