I am working on the best option to set up remote access to our LAN. I have SSL via AnyConnect running now and I set up rules to only allow RDP traffic to certain systems. That's all I need and want for them, but I started fooling around with the clientless SSL feature and like the possibilities of the web bookmarks!
So what I was wondering is how it works basically, with smart tunnels or even just the basic portal apps. If I set up a portal page for a user that has links for RDP and a web page, does the ASA drop ALL other packets from the client (i.e. viruses, keyloggers/worms) by default, or do I need to rule all other traffic out as I have done for my AnyConnect setup? I noted that when looking at adding a smart tunnel link it states that all web traffic from a client will go over the SSL tunnel to our LAN and then out, i.e. kind of like a non-split-tunnel setup.
In short, I want to ensure that only traffic for the specified apps gets sent to the LAN via a clientless SSL session and nothing else, and preferably maintain the split-tunnel type setup that the full SSL setup has.
Re: Clientless SSL ASA - What traffic gets through?
In a clientless SSL VPN connection, the security appliance acts as a proxy between the end user's web browser and target web servers. When a user connects to an SSL-enabled web server, the security appliance establishes a secure connection and validates the server SSL certificate. The end user's browser never receives the presented certificate, so it cannot examine and validate the certificate.