WebVPN - Smart Tunnels and Autologon

asmith1972 · ‎06-25-2009

Hello

We have a ASA 5520 version 8.0(4) and we use WebVPN. This works fine and users can logon and get automatiically directed to our sharepoint portal.

How we are now realsing some software on our Sharepoint portal that needs to have a Smart Tunnel setup for it to work.

We have configured this and the tunnel works ok and the apps run ok. However the problem we have now is that because our sharepoint portal starts up in the Smart Tunnel the username and password of the user doesn't seam to get passed through. So they have to logon again to the sharepoint portal.

Anyone any idea how to resolve this?

auraza · ‎06-25-2009

Use the following example:

hostname(config-webvpn)# smart-tunnel auto-signon servers1 ip 10.1.1.1 255.0.0.0

hostname(config-webvpn)# smart-tunnel auto-signon servers1 host *.abc.com

hostname(config-group-policy)# webvpn

hostname(config-group-webvpn)# smart-tunnel auto-signon enable servers1

PS. If you think this post was helpful, please rate it.

jmayes · ‎10-21-2009

Related question: we host web-based training for Fed Gov't, with locked-down workstations and restricted outbound ports (80 and 443 only allowed).

We fix that issue by proxying to a portal server on our side, but there's a performance hit.

I can get around the performance hit by using SSL VPN with smart tunnel of RDP (mstsc.exe) so the end user gets a remote desktop experience without proxying, but it requires too much user interaction (user clicks on web link; user logs on to SSL VPN, usr cklicks on apps launcher, user clicks on smart tunnel launcher, user invokes RDP client software, user selects server to connect to, user logs in to remote desktop, and then finally is where we want them.

How many of thse steps can be compressed/scripted/etc. Ideal experience would be user clicks on URL, logs in, and presented the remote desktop.