RemoteApp and the Clientless SSL VPN Access. (Bookmarks and Smart Tunneling)

jgustafzon · ‎02-11-2015

Hi!

My college uses Terminal Services and RemoteApp to open a web based application remotely. With RemoteApp, introduced in win server 2008 you can open a program without first remotely logging into a server/client and then opening a program. Just type your credentials like an ordinary RDP session and in a window of its own you got the program/application operable like a pop-up window, as long the remote computer is accessible through RDP session.

I would like to configure this so that the client doesn’t need to go through the ASA 5510 (ver 9.1(5)) WebVPN (VPN Portal), connect a RDP session, and then click on the RemoteApp icon (and connect through RDP session)

With smart tunneling I believe you can access the program via Clientless SSL VPN without going through the portal manually, as long as the clientless ssl vpn access > portal is correctly configured.

Any experience with Windows RemoteApp and ASDM configuration of Smart Tunnels?

Thus far I have a RDP session-link in the VPN Portal, when user logs in he get the web based application through ‘remote desktop services user profile’ in Active Directory. In the finished installment my wish is an RemoteApp destop icon, in an home based network, and still get access through clientless ssl vpn and a pop-up of the web application, without bookmarks in the Portal.

Any ideas are appreciated, smart-tunnel or not!

/Jonas

NANCY TURNER · ‎02-11-2015

I am not sure we have the exact same problem but I am surprised you posted this just 4 hours ago as I have been beating my head against the wall trying to figure out how to pass username/password from Bookmarks form or post parameters to RemoteApp. I have tried from URL get/post parameters and also HTML form auto submit. Using the form parameter option it seems to pass the authentication to the server and in the security event log on the server it shows successful but then immediately logs out. I have ran the HTML capture to get my parameters which are: DomainUserName, UserPass, and MachineType. The first two are obvious but the MachineType I am assuming is private or public but I guess it could be a number value as well. Regardless of the value it does not change the outcome.

The message I get on the login page is "Another user of your computer is currently using this connection. This user must disconnect before you can log on." This is not true and I can manually type in my credentials and it logs in.

I too would appreciate any help on this.

gheimgartner · ‎10-01-2015

Nancy did you ever find a solution to this problem? I'm beating my head against the wall to figure out the same thing.

NANCY TURNER · ‎10-02-2015

It has been a while so I don't remember all the details but I know it took a while through trial and error. Are you trying to get Microsofts RemoteApp to work or just passing credentials in general? The theory is to use the HTML Parameter Capture but I have found it is not always accurate. We used a program called Ericom for terminal services and the capture returned "username" but that did not work and Ericom documentation lists it as "EAN_Username", which did work. However if you look for that in the source code it only shows "username".

Also, try adding the single sign on parameters to the url. Here are a couple of examples.

servername:port/webpagename/sso

servername/?domain=yourdomain&csco_sso=1

I have Remote Desktop, AccessNow Ericom, and Exchange 2013 working and passing credentials. I can't remember if I got RemoteApp working but based on the blogs I have read others have it working.