Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Accessing Active Directory files through SSL VPN

Hello,

We have been running Barracuda VPN appliance and would like to start using Cisco's VPN(AnyConnect) options. I have set up everything and am able to connect through AnyConnect VPN tunnel. My question is that, in Barracuda we used "Lan1 Client" to automatically map the active directory user drives and those files show up in My Computer under those drives. What do we need to do to get those drives without having to join the domain using Cisco ASA?

I looked through all over but haven't found any documents or discussion regarding this. I will greatly appreciate any feedback.

5 REPLIES

Accessing Active Directory files through SSL VPN

AnyConnect carries on the Cisco tradition of "SBL" Start Before Logon" the user has to initiate the AnyConnect VPN before they logon and anuthenticate to the machine.  SBL allows a VPN to be connected to the corperate environment - once connected the user logs in like they were connected on the LAN, all drives and services work as normal.

See the below link....

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00809f0d75.shtml

I finished a project 3 months ago to roll this out for 5000+ users - it works very well.

New Member

Accessing Active Directory files through SSL VPN

Thanks Andrew. Just to clarify, Does this method still require the remote client to join the Domain? I didn't see this information.

Accessing Active Directory files through SSL VPN

Hi,

Yes - ideally the machine would already be part of the domain. And the user has their credentials cached on the machine.  When logged into the SBL, the machine looks like its locally connected on the LAN and the domain.

New Member

Accessing Active Directory files through SSL VPN

Hi Andrew,

Thank you. I have set it up however, it is giving me this error when I try to use SBL feature:

"AnyConnect cannot confirm it is connected to your secure gateway. The local network  may not be trustworthy. Please try another network."

It has something to do with the certificate but I haven't been able to fix it. Most of the solutions on the web are for Linux.

Accessing Active Directory files through SSL VPN

HI,

You need to do 2 things:-

1) create a "persistant self signed certificate in the ASA" - see below URL.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808efbd2.shtml

2) Once you have the cert - you need to install them in the laptops "local machine certificate store"

The certificate cannot be installed in any other location - as the anyconnect software needs to access the machine, before anyone logs in.....

764
Views
0
Helpful
5
Replies
CreatePlease login to create content