cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2929
Views
0
Helpful
8
Replies

Clientless SSL WebVPN

max.pierson
Level 1
Level 1

Does anyone know how to inject HTTP POST if you choose to bypass the portal page via the Optional Homepage URL?? It seems as though you dont have any options to pass credentials unless you use the portal and bookmarks.

8 Replies 8

Todd Pula
Level 7
Level 7

One option would be to use the POST plug-in along with a customization page.  On the customization portal page you can define a homepage URL which will have the post and macros included.  You will then associate this customization to the group policy so that it loads after successful authentication.  A sample POST URL may look something like this:

post://mycitrix-server.abcd.com/Citrix/AccessPlatform/auth/login.aspx?LoginType=Explicit&user=CSCO_WEBVPN_USERNAME&password=CSCO_WEBVPN_PASSWORD

Is there another way to do this other than the POST command?  It is my understanding that the POST command will not allow you to enable, "Use Smart Tunnel for Homepage" since it is not an HTTP(S) protocol.

The ASA 8.4 code release will include enhancements for auto sign-on capabilities using POST with smart tunneling.

Any idea when this will be released?

Another question.   If I have the home page set to an http or an https site and smart-tunnel enabled on the site I get this error is the smart tunnel is not installed on the system.  WebVPN Relay loader is taking a long time to start. Jave must be installed and enabled in the browser.  I know Java is enabled and I can go to another ASA site that does not have the home page set and smart-tunnel installs fine and works.  Why is it not installing for the first time user if the are being directed to a home page and not the portal page?  How can I fix this problem.

Okay figured this one out.  In IE you  have to have the setting set in Intranet security to enable, allow previously unused activex controls to run without prompt.  In Firefox you need to make sure Java is installed.

Just so I understand.  Having smart tunnel enabled on the home page by checking the enable button on "Use smart tunnel for Hompage:" is only for Windows systems.  This will not work on a Mac since the docs say that you can only fire smart tunnel on a Mac from a bookmark, is this correct or is there a work around?  If not is this being looked at to be fixed in the future?

Todd, I have tested the 8.4.1 code and it seems that you still can not do a post and auto start smart-tunnel.  Did this fix not make it in the code?

"The ASA 8.4 code release will include enhancements for auto sign-on capabilities using POST with smart tunneling."

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: