Hello,
I am having problems viewing Lotus iNotes running on Domino 8.5 properly through a clientless VPN webpage in my Cisco ASA5510.
One of our clients has implemented Lotus Domino 8.5 and have individual user portals so the users can each access their email, calendar, journals, discussions, etc. Everything works fine on the internal network, as well as through a full-blown SSL VPN client such as Anyconnect... it is the clientless VPN webpage that gives me an issue.
The issues start occuring when I configure a clientless VPN page for the users to first access, enter in a general username/password, and then they are taken to their first iNotes login page. The iNotes login page looks fine, and when they log into iNotes everything seems fine. However, when they start clicking around in different tabs or to open email (all nested within the clientless VPN page), things don't show up, and error message are produced on the iNotes page such as "A problem has occurred which may have caused the current operation to fail". When I click "Show Console" to get more details, I am presented with:
-----------------------------------------
Domino Release 8.5.1FP3 (Windows NT/Intel)
$HaikuForm - 304.5
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C)
07/30/2010 12:31:13PM A problem has occurred which may have caused the current operation to fail.
07/30/2010 12:31:13PM 'CSCO_Util.parse_url(...).pathname' is null or not an object
07/30/2010 12:31:13PM https://<IP address of firewall removed for privacy here>/+CSCOL+/cte.js: 9
07/30/2010 12:31:13PM [GBy]- [(token){var ut=HTMLParserUtils;if(this._cur_segment==null){switc]([object Object])
07/30/2010 12:32:08PM [dojo-1.3.2] failed loading http://mail1.fake.com/domjs/dojo-1.3.2/dojo/../ibm/iNotes/widget/layout/DWASidebarContainer.js with error: [object Error]
07/30/2010 12:32:08PM A problem has occurred which may have caused the current operation to fail.
07/30/2010 12:32:08PM Could not load 'ibm.iNotes.widget.layout.DWASidebarContainer'; last tried '../ibm/iNotes/widget/layout/DWASidebarContainer.js'
07/30/2010 12:32:08PM https://<IP address of firewall removed for privacy here>/+CSCO+00756767633A2F2F7A6E7679312E656E71706E616762612E70627A++/domjs/dojo-1.3.2/dojo/dojo.js: 20
07/30/2010 12:32:08PM [GBy]- [(_51,_52){_52=this._global_omit_module_check||_52;var _53=this._]("ibm.iNotes.widget.layout.DWASidebarContainer")
-----------------------------------------
Users cannot open emails or create new email, nor can they do many other primary functions in iNotes through this clientless VPN. It looks like the ASA's URL redirection is corrupting what the Domino server is looking for. This isn't working very well contrary to what Cisco documentation claims is "optimized for Lotus iNotes".
Does anyone have any suggestions? I would like to stay away from using a single SSL cert (losing 2-factor authentication and have to make a firewall exception directly to the server on the network) and stay away from using Anyconnect if I can help it. I would also like to stress that it is iNotes specifically that is giving me this problem, not the full-blown Lotus Notes client that I could make work using Smart Tunnels.
Troubleshooting steps I have performed:
1.) Proper DNS servers are defined within the firewall
2.) I have tried both full/lite versions of iNotes and both produce the same errors.
3.) I have tried Firefox 3.6.8, IE8, IE6, all on Windows 7 and Windows XP. I seem to have slightly better results with Firefox than the other browsers, but it is not error free.
4.) I have investigated cookie corruption by deleting all histories and turning off any browser plugins and accelerators
Thank you!
