Sharepoint 2013 ASA clientless SSL VPN

Peter Koltl · ‎11-20-2013

ASA 9.1(1) WebVPN users cannot access Sharepoint 2013 application. They are getting an error message:

ASP.NET Ajax client-side framework (ScriptResource.axd) failed to load.

The documentation says:

Enterprise Applications Supported

The ASA 9.0 clientless SSL VPN core rewriter has been verified with the following applications:

• Microsoft SharePoint 2003, 2007 and 2010

I'd like to publish this webpage on SSL VPN, we don't want to publish the Sharepoint server directly to Internet with a static NAT.

Peter Koltl · ‎11-20-2013

Smart Tunnel web bookmark is able to load the Sharepoint site but DNS resolving still needs to be solved. What mechanism is supposed to be used by client when Smart tunnel is started? Docs do not talk about that. Wireshark shows that all DNS requests are sent to the client's local DNS server and not sent into the tunnel to HQ DNS servers. However, remote and public DNS server cannot resolve the Sharepoint site private address of course. So the only workaround I could use is add an entry to the client's hosts file.

Peter Koltl · ‎11-21-2013

I've got a tip:

disable Sharepoint compression

but no approval to test it.

Peter Koltl · ‎01-22-2014

It must have been a testing error (or unreproducible behavior), DNS resolving works. Actually it uses a special method:

Sharepoint 2013 ASA clientless SSL VPN

Enterprise Applications Supported

Smart tunnels on Cisco ASA