Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Dynamic RDP shortcuts for SSL VPN

I could swear I read somwhere that there was a way to configure the Cisco ACS server (or a RADIUS/LDAP AAA Server) to pass a rdp:// type shortcut to the users bookmakrs when he/she logs into a SSL VPN portal and uses the AAA server to authenticate.  So for an example:

Sally is in accounting and so is Bill.  Both have SSL VPN access.  When Sally logs in to the VPN portal, a shortcut to create a Terminal Server connection to her specific workstation is there in her bookmakrs.  Same for Bill but Bill has a unique shortcut for his workstation.

Am I dreaming or was there a way to do this?

Thanks.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
4 REPLIES
New Member

Re: Dynamic RDP shortcuts for SSL VPN

You could do this with an LDAP Attribute map.  Create a separate URL-List (bookmarks) for the users and then use a field in AD to map to the Url List.

http://www.cisco.com/en/US/partner/docs/security/asa/asa82/configuration/guide/ref_extserver.html#wpxref12294

Re: Dynamic RDP shortcuts for SSL VPN

Thanks for the reply! This is something that I had considered -- but it would mean a separate bookmark for each user no?  If you have several hundred users... this could be tedious, not to mention a nightmare to police.  I'm acutually looking for a way to do this in a more dynamic fashion.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
New Member

Re: Dynamic RDP shortcuts for SSL VPN

Yes that would certainly become unmanageable.  Maybe you were thinking of Macro Substitutions - which may work.

5

CSCO_WEBVPN_MACRO1

Set via RADIUS/LDAP vendor-specific attribute

6

CSCO_WEBVPN_MACRO2

Set via RADIUS/LDAP vendor-specific attribute

http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/vpn_web.html#wp1160691

Re: Dynamic RDP shortcuts for SSL VPN

Certainly worth a second look, but at first glance I don't see how that would work since the substituion would have to be either a hostname or an IP address.  I guess if the hostname was based off their username it might work, but that's not the case here.

Is there a way to pass a url list via Radius attributes?  Those would be dynamic .. no?

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
434
Views
10
Helpful
4
Replies