Hi everybody, hello Cisco gurus! I'm really mad at the way Cisco dropped any support and development for IOS based SSL VPN. I successfully deployed SSL VPN with IOS router and even configured a very basic portal. The most required thing in this portal is to run RDP over web to Windows-based client machines. This is easily achievable if you install Remote Desktop Web Connection component. Once you have it installed you can easily connect to a given host using the URL:
But, there's a BIG BUT, it works only if you connect to this machine over the network. Now let's get back to webvpn portion of the router. I publish my internal resources accessible via URL:
My problem is that any connection to the URL with TSWEB from the portal breaks or crashes and I end up with the browser complaining with the following message:
Line: 306 Error: Object doesn't support this property or method
This line 306 in the default.html file looks as follows:
1.) Back up the TSWeb default.htm page.
2.) Open the default.htm page in a editor and search for "OnClick=BtnConnect" change it to "OnClick=BtnConnect()"
3.) Search for "MsRdpClient.AdvancedSettings2.RedirectSmartCards = FALSE" after this add a new line "MsRdpClient.AdvancedSettings2.RDPPort = 35554" and save the page .
Port no "35554" is just a user specified localport.
4.) Now on IOS add a port-forwarding list under the webvpn context
port-forward "pflist"
local-port 35554 remote-server "10.1.1.100" remote-port 3389 description "TSWEB"
Local port should be same as in the TSWeb script page and remort-port is where TSWeb listens on the server machine by default it is 3389.
5.) Now from client machine after authentication Start thin client application. Note the local ip and port no for TSWeb application
6.) Open TSWeb default page using bookmark on portal page or from IOS URL text box.
7.) Give TSWeb localhost ip from step 5 and click connect.
Thanks, Jason, for looking into it. Why would use it for my own risk? As long as it works I would be happy to configure it and report to my boss to get it off from my shoulders. Unfortunately it didn't. I remember messing with port forwarding sometime ago and it wasn't fruitful. Anyways, let me show what I did to confirm it for me and others who might be interested as well. Just to make sure if we need to persist with it a question to you - Did it work for you ? I mean those changes to default.htm file. The thing is that whenever I make a change to default.htm I can't connect to the target host from any locally L3 adjacent PC. I end up with VBScript error message: This computer can't connect to the remote computer.
Nevertheless,
1) the change to default.htm file includes the following lines:
MsRdpClient.AdvancedSettings2.RDPPort = 35554
2) IOS portion of webvpn configuration includes the following lines:
Then, when I connect to the portal from a host on Internet I see the "Thin Client Application" Start button. Clicking on it brings the java application with a single line in it saying what can see at the attachment (thin client.jpg). Here I would expect to see counters for "Bytes Out" and "Bytes In" incrementing. None of them seem to increment after I try to connect to the client machine.
And lastly when I click on the RDP link for "Henry" I end up with the above said VBScript error message saying that it can't connect to the remote computer.
I think the bottom line of this problem is the code of "default.htm" file. Why in the first place I can connect to the host in question via TSWEB and after your proposed changes it stops working?
Hope to bring more interested and inquisitive folks to find the solution to this damn problem.
Eugene
Preview file
15 KB
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
