03-19-2009 12:58 PM - edited 02-21-2020 03:21 AM
Hello all,
I have the ASA configured for SSL vpn and anyconnect use. Ideally, I would like to use a bookmark via the clientless portal to allow access to our internal Microsoft Dynamics CRM web server. I have the link configured but when clicking on it, the page looks as if it's going to load but then each frame says "the web page cannot be displayed". I think this may be an authentication problem. Is there a way for the portal to allow the CRM website to ask for proper credentials and then continue loading? It works once connected using the Anyconnect client.
Is this a limitation of this setup or does anyone know a way to get this application to function?
Thanks in advance,
Josh
03-25-2009 07:18 AM
All web applications are not compatible with the Clientless VPN server. There are a number of features available on the ASA firewall to workaround this limitation of clientless SSL VPN (WebVPN).
Smart tunnels are the most appropriate option I guess:
http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html#wp229690
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/webvpn.html#wp1218044
Regards
Farrukh
04-03-2009 09:53 AM
I am having the same issue, both on our 5510 & VPN 3005 Concentrator. The only way I have found around this was to use port forwarding on the 3005, so they type in 127.0.0.1:5555 and can browse to CRM. Silly way to do it, but I am waiting to hear a better way.
04-03-2009 10:46 PM
The VPNC does not support smart tunnels, it does support port forwarding AFAIR.
The smart tunnel feature is the recommended option as compared to Port Forwarding. However it needs 8.x code on your 5510 box.
Regards
Farrukh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide