Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pass vpn portal login credentials to homepage

We're currently in the process of upgrading our vpn client from the old ipsec client to anyconnect and want to use the web login (just login, no portal page) for access.

We have a main intranet page that everyone uses and needs to login to use (we use Active Directy so credentials for vpn and intranet are the same), so, using a custom vpn login page, would it be possible to take a user's login credentials entered on the login site and post them into the intranet page so that the Intranet page opens automatically (after logging onto the vpn) with them already logged in?

I'm guessing the login fields arn't accessible but it would be nice in order to reduce the amount of times need to login with the same credentials.

Thanks

Everyone's tags (2)
5 REPLIES
Cisco Employee

Pass vpn portal login credentials to homepage

Sam,

I think this is what you're looking for:

http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/c07_717723_00_asa_adaptive_security_appliance.pdf

section

"Auto Sign-On for External Portal Page".

To troubleshoot this you will need to use HTTPwatch/fiddler or other similar tools.

M.

New Member

Pass vpn portal login credentials to homepage

Very promising, thank you, but I'm having issue with the two different homepage options; there's the External portal page option which has the POST functionality I need but, to my understanding, that portal only opens with the clientless/browser ssl vpn.

The other option is the Homepage url setting in the group policy which almost functions as needed, it opens up the page after the login but I can't see any POST functionality with this option, it seems like I would have to push the login credentials into the url but that would be a bad idea.

Any ideas?

Cisco Employee

Pass vpn portal login credentials to homepage

Sam,

I think it's a limiation of group-policy homepage that it does not allow neither macro subsituation nor POST.

IRT pushing credentials it's not that big of a problem - provided it's HTTPS.

Probably not the best idea in the world of security, but not uncommon.

M.

New Member

Pass vpn portal login credentials to homepage

That's a shame but we should be able to work around that.

Just a thought but would it be possible to do the process the other way around? ie. passing the login credentials to the ASA login page from an external site?

Cisco Employee

Pass vpn portal login credentials to homepage

Sam,

I found a few threads internally asking for SAML/POST from other portal to ASA and it does not exist today.

The POST method could potentially work, but from experience, it's not something that would be guaranteed to work across versions.

M.

354
Views
0
Helpful
5
Replies
CreatePlease login to create content