SSLVPN can't browse file shares

Unanswered Question
Sep 30th, 2009
User Badges:

I have recently set up my SSLVPN on my ASA 5510 running ASDM 8.0 (4). I would like to use the CIFS function for VPN Users, but I get an error when I try to click on the server share. I get error connecting to host, eventhough I am able to see the server shares.


I'm using the web browsing function of the SSLVPN. So I use the pulldown menu, select CIFS, ant type the IP of the server.


Please help,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Tue, 10/06/2009 - 05:04
User Badges:

Clientless SSL VPN serves remote users with HTTPS portal pages that interface with proxy CIFS and/or FTP clients running on the security appliance. Using either CIFS or FTP, clientless SSL VPN provides users with network access to the files on the network, to the extent that the users meet user authentication requirements and the file properties do not restrict access. The CIFS and FTP clients are transparent; the portal pages delivered by clientless SSL VPN provide the appearance of direct access to the file systems.


When a user requests a list of files, clientless SSL VPN queries the server designated as the master browser for the IP address of the server containing the list. The security appliance gets the list and delivers it to the remote user on a portal page.


Clientless SSL VPN lets the user invoke the following CIFS and FTP functions, depending on user authentication requirements and file properties:


•Navigate and list domains and workgroups, servers within a domain or workgroup, shares within a server, and files within a share or directory


•Create directories


•Download, upload, rename, move, and delete files


The security appliance uses a master browser, WINS server, or DNS server, typically on the same network as the security appliance or reachable from that network, to query the network for a list of servers when the remote user clicks Browse Networks in the menu of the portal page or on the toolbar displayed during the Clientless SSL VPN session.


The master browser or DNS server provides the CIFS/FTP client on the security appliance with a list of the resources on the network, which clientless SSL VPN serves to the remote user.

Note: Before configuring file access, you must configure the shares on the servers for user access.

Reference URL:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/webvpn.html#wp1084222

auraza Thu, 10/08/2009 - 13:50
User Badges:
  • Cisco Employee,

This should work. What kind of server is it that you are trying to open a share on? Windows 2008 or 2003? You might need to do packet captures to see what the cause may be.


There were some bugs in 8.0(4) where this error was seen. I would recommend going to the latest version of 8.0(4).


PS. If you found this post helpful, please rate it.

Actions

This Discussion