I have been reading through the other discussions here as well as the ask the expert from last year about connecting iPads via SSLVPN specifically for creating an RDP session. I am looking for clarification to make sure that I understand everyhit correctly. The only way for an iPAD to make an RDP session is to run the full client then use an RDP client on the iPAD. This is due to the iPAD not being able to use the java based RDP plugin. The drawback here if I understand right is that the device is fully on the network with the client running. This means that any potential adware/spyware/virus/whatever would have network access because of the full client.
Is there something that I am missing or is there a way to lock things down to keep the iPAD fully off the network? Can I configure the portal to say use only specific ports to minimize this exposure? We are looking into ways to allow users to remotely connect but not allow them to use the full client. They would remotely connect through a portal to either their company asset or RDP to a terminal server for connectivity. For the windows based folks this is starting to look like a really good solution. This issue is starting to arise that more and more people are starting to get the iPADS instead of standard laptops.
Anyone addressing this with a different method or solution?
Are you using DAP policies or radius authentication? You can have the radius server hand the class attribute in order to place the client in the correct DAP policy. In that DAP policy create a logical expression for the ipad and reference a split tunnel so that rdp traffic (tcp port 3389) is permitted through is protected through the tunnel.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :