SA540 SSL VPN Questions

Unanswered Question
Oct 14th, 2009

I have just installed a new SA540 which replaced an PIX 506 that died last week.  I have configured it for SSL VPN access.  Everything is working with a few exceptions:

1. Our user accounts include spaces and I am unable to add users to the Active Directory group as it does not allow spaces so I have created accounts in the default SSLVPN group.  How do I add users to the Active Directory group whose account names contain spaces or periods?

2. Mac users are able to access the SSL VPN Portal and get to the Client page.  However one there they can not install the VPN applet as they are prompted for the password of the privledged user and no local passwords seem to work.  All of the Mac users are local administrators and I assume that the applet is using sudo in the background.  How can they install the applet and what password is the applet looking for?  Is there another way for Macs to access the SSL VPN?

15% of the users have Macs and are now unable log on to the VPN.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Steven Smith Wed, 10/14/2009 - 13:06
What version of OS are you running? I tried this on a Mac OS X 10.5.8 Intel MacBook Pro and it worked for me.  The administrator password worked, but that box is only setup to use one password.

I am asking some developers about the Active Directory question.

Also, what browser are you using?

harry.akaki Wed, 10/14/2009 - 14:03

They are all MacBook Pros running Snow Leopard (10.6).  I found out that the root account is disabled by default on Macs and must be enabled to install the applet. ( The lack of support for 64 bit OS is also a problem for the Vista users at home.

One of the driving factors in choosing this device over the SonicWall device was the name Cisco and the supposed support of Active Directory authentication so my real problem is the spaces in the account names.  I wanted to use the AD for authentication so as to not need to create a local user database, but I had to do that anyway, which was a real pain.

harry.akaki Wed, 10/14/2009 - 14:42

The Mac users are now able to connect but for some reason it only works in Full Tunnel mode for them but it works in Split Tunnel mode for everyone else.

PC users with IE 8 and those with 64 bit Vista can not install the VPN applet.

Help, Please!


This Discussion

Related Content