Cisco ASA + Printer Redirection

Answered Question
Jul 31st, 2010

We are setting up our remote users to connect through our Cisco web portal. After they connect in through the SSL Clientless connection from our ASA, we then have a link for them to launch a Remote Desktop connection to one of our Remote Desktop Servers (OS: Win 2008 R2). Problem is, none of their local printers are coming across this connection into the Remote Desktop session. I know Microsoft requires Remote Desktop 6.1 to be used on client side in order for Easy Print to work, so I have a couple questions...


1. Does the ASA have it's own built-in Remote Desktop and if so, what version is this? And how do we find the version it's using? Or is it using the local Remote Desktop of the PC? (I don't believe we are using the java-based connection for when launching the remote desktop session).


2. Is there any special configuration that needs to be done on the ASA to allow local printer connections to come across the pipe and be allowed to show up in the user's remote desktop session?


Thanks.


-Ryan

Correct Answer by Magnus Mortensen about 6 years 6 months ago

If the users are using a remote desktop link in the SSL portal, you may need to adjust the RDC parameters:


http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html#wp1127332


I think if you configure it with ASDM there are options like:


The parameters available for the ActiveX client used by Microsoft Internet Explorer include:

RedirectDrives—Set to true to map remote drives locally.

RedirectPrinters—Set to true to map remote printers locally.

FullScreen— Set to true to start in FullScreen mode.

force_java—Set to yes to force the Java client.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Magnus Mortensen Sun, 08/01/2010 - 14:17

Ryan,

     If my understanding of RDC is correct, all the communication goes over the single TCP connection. In the past when I have seen this issue, it was becuase of some printer driver issues on the Terminal Server. Do you see anything in the event logs on the Terminal Server? If you try to Remote Desktop from within the network do the same printers show up (thereby ruling out the ASA/Internet)?


- Magnus

Mike Williams Sun, 08/01/2010 - 17:36

Sorry, meant to say that. When I RDC to the same Terminal Servers from a Cisco VPN client on the same PC, the printers do come over like they should. Just not when I use the web portal and the SSL Clientless connection. Both types of connections are going through the same ASA.

Correct Answer
Magnus Mortensen Mon, 08/02/2010 - 20:18

If the users are using a remote desktop link in the SSL portal, you may need to adjust the RDC parameters:


http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html#wp1127332


I think if you configure it with ASDM there are options like:


The parameters available for the ActiveX client used by Microsoft Internet Explorer include:

RedirectDrives—Set to true to map remote drives locally.

RedirectPrinters—Set to true to map remote printers locally.

FullScreen— Set to true to start in FullScreen mode.

force_java—Set to yes to force the Java client.

Mike Williams Tue, 08/03/2010 - 15:38

Magnus - Thank you very much! I just tried testing the connection using:  rdp://laxrdp/?RedirectPrinters=T    and it works great!


Appreciate all the help.


-Ryan

Mike Williams Wed, 08/11/2010 - 18:33

Need help on one other thing with this. We are trying to use the parameter of FullScreen=True, but it is not working. Could you give me some advice or ask some of your peers as to why this wouldn't work? I am trying the following:  rdp://laxrdp/?FullScreen=True  Yet it does not start in Full Screen mode. My other parameters work fine, such as:  rdp://laxrdp/?RedirectPrinters=True

Sam Sanders Wed, 09/05/2012 - 13:31

I have been using the parameter /?geometry=1024x768&bpp=16&ForceJava=Yes and both those options work wonderfully, but when I try adding the RedirectPrinters=True option, it still does not let me print to my local printer (which is a HP LJ400 connected via USB).  It is interesting that some of the commands are set to Yes and others are set to True... and in your comment above it looks like RedirectPrinters=T - could it be that I should be using that instead of RedirectPrinters=True? Also, I checked the printers box under the MS RDP local resources tab, but that has no effect on it. It appears to be using a Java client and not the MS client.  Any suggestions are humbly and sincerely appreciated!


Thanks,


Sam Sanders

Actions

This Discussion

Related Content