I'm rolling out clientless SSL VPN out to my current organsiation and I am having issues with Active X - I have setup working profiles and my issues generally lie within Cisco Secure Desktop and active X on the client machine.
I've tried about 6 different windows XP machines running both IE 7 and 8 and keep coming up with errors regarding active X.
Can anyone advise me if they are having any issues that I am also having? Or if they know a way around the problems?
What version of ASA and CSD are you running? What specific errors are you observing and where are you seeing them? During initial CSD execution? Does CSD work correctly when testing with Firefox and Java?
Thanks for the fast reply. The ASA is an active/standby setup and are 5505's. The CSD is csd_3.5.1077-k9.pkg.
The problems is with the security settings. For instance when you login via the CSD enabled profile we are faced with a page stating that active X cannot be run (it flicks the screen too quickly but that's the jist of it). I have tried on several machines all running XP pro (different builds) and IE. Now I can sometimes get it to work on some machines but after numerous tests it just dies and then when logging in...on login it asks me if I want to remove CSD. Obviously I don't as I'm trying to login. I'm not sure if I would be confident rolling this concept out to users who don't have much technical expterise as they have to click several allow this content and that content. The ASA's have Verisign certs attached too.
We have purchased a further 20 licenses for users to login and I'm a little sceptical of rolling this out without ironing out these issues in the first instance.
Thanks for your time Todd and any help is very much appreciated.
When the ActiveX execution fails, does CSD successfully execute using Java on your XP client? Does your XP base image have any ActiveX restrictions enabled in IE? Are you able to execute other ActiveX applets or do they fail as well? Please make sure that the WebVPN FQDN is included in the trusted site list within IE. If you want me to test access from my lab Windows XP and 7 machines, drop me an e-mail at email@example.com with the URL and test credentials.
It runs the Java applet generally with no issues but as that's only a quater size of the screen it's quite limiting to say the least. There is no active X issues as they are used on both business laptops and personal machines as I am trying to negate those issues.
Thank you for your input. I will setup an account tomorrow and will email you regarding this. It's very much appreciated.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :