Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA WebVPN with SSO on Exchange OWA 2010

Hi I was using WebVPN (clientless) with SSO on Exchange OWA 2003 and it was working fine with those SSO POST parameters:

URL: https://<mailserver>/exchweb/bin/auth/owaauth.dll

destination https://<mailserver>/exchange/
flags 0

username DOMAIN\CSCO_WEBVPN_USERNAME

password CSCO_WEBVPN_PASSWORD

SubmitCreds Log+On

forcedownlevel  0

trusted 0

Now, I'm trying to do the same with OWA 2010 and it doesn't work. I always receive an error about user credentials

For Exchange 2010, I use those parameters:

URL: https://<mailserver>/owa/auth.owa

destination https://<mailserver>/owa/
flags 0

username DOMAIN\CSCO_WEBVPN_USERNAME

password CSCO_WEBVPN_PASSWORD

SubmitCreds Log+On

forcedownlevel  0

trusted 0

Does anyone know how to fix?
Has anyone got it working?

Any help?

Thanks

Everyone's tags (7)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

In this setup, I had to change it to HTTP (customer related). It works over HTTPS as well.

Get this tool http://www.fiddler2.com/fiddler2/.

URL:      http://internal-mail-server-ip/owa/auth/owaauth.dll

post-parameter:

destination:          http://internal-mail-server-ip/owa/

flags:                    0

forcedownlevel:    0

trusted:                 0

username:            CSCO_WEBVPN_USERNAME

password:            CSCO_WEBVPN_PASSWORD

isUtf8:                   1


<![CDATA[webmail_sso]]>
post
yes
</span><a class="jive-link-external-small" href="http://internal-mail-server-ip/owa/auth/owaauth.dll">http://internal-mail-server-ip/owa/auth/owaauth.dll</a><span>
Single Sign On

no

http://internal-mail-server-ip/owa/

destination


0
flags


0
forcedownlevel


0
trusted


CSCO_WEBVPN_USERNAME
username


CSCO_WEBVPN_PASSWORD
password


1
isUtf8

Greets,

Norbert

Hope this help....please rate if helpful

6 REPLIES
New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

Hi,

Have you tried "http capture"?

Here is my "Workaround" bookmark. I'll post the final bookmark (when I'm back in the office).....

http:///owa

destination:     http:///owa/

flags:               0

forcedownloadlevel:     0

trusted:               0

username:        CSCO_WEBVPN_USERNAME

password:         CSCO_WEBVPN_PASSWORD

isUft8:          1

BUT, the weird think is, when I hit the bookmark, the OWA (2010) login screen appears.

After klicking (once) on the "sign in" button on the OWA login page, go back to the WebVPN portal and click a second time on the bookmark the

access to the mailbox account is granted.

The same with the post-plugin.

Greets,

Norbert

New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

it doesn't work for me. Incorrect credentials

http capture? how can i do that? does it works with https?

thanks

New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

In this setup, I had to change it to HTTP (customer related). It works over HTTPS as well.

Get this tool http://www.fiddler2.com/fiddler2/.

URL:      http://internal-mail-server-ip/owa/auth/owaauth.dll

post-parameter:

destination:          http://internal-mail-server-ip/owa/

flags:                    0

forcedownlevel:    0

trusted:                 0

username:            CSCO_WEBVPN_USERNAME

password:            CSCO_WEBVPN_PASSWORD

isUtf8:                   1


<![CDATA[webmail_sso]]>
post
yes
</span><a class="jive-link-external-small" href="http://internal-mail-server-ip/owa/auth/owaauth.dll">http://internal-mail-server-ip/owa/auth/owaauth.dll</a><span>
Single Sign On

no

http://internal-mail-server-ip/owa/

destination


0
flags


0
forcedownlevel


0
trusted


CSCO_WEBVPN_USERNAME
username


CSCO_WEBVPN_PASSWORD
password


1
isUtf8

Greets,

Norbert

Hope this help....please rate if helpful

New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

Great!

This parameters works for me, too (and with https)

Thank you very much

New Member

ASA WebVPN with SSO on Exchange OWA 2010

Hi!

Where can i set these parameter setting suggested? I´m using ASA5510 Version 8.4(1) and the post options i have in drop-down list is:

CSCO_WEBVPN_USERNAME

CSCO_WEBVPN_PASSWORD

Is this done via cli? If so how should i enter config mode for a specific bookmark and entry?

Regards,

Fredrik

New Member

Re: ASA WebVPN with SSO on Exchange OWA 2010

Hi there,

See

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html#wp1002989

under chapter "Configuring Post Parameters for SSO with Outlook Web Access".

Edit Bookmark, Advanced Options...

HTH,

Norbert

8778
Views
5
Helpful
6
Replies
CreatePlease login to create content