Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SSLVPN 9.2 Citrix Single Sign-on using External Portal

I was working on an ASA migration that was using the Anyconnect Clientless portal to single sign on with a seamless redirection to Citrix. They were running 9.1.2 and were using the homepage url with Post to redirect and login users to Citrix without sending them to the Cisco portal first. In later versions of  ASDM the Post feature is missing for the Homepage URL and in 9.2.2 this feature is not available in the CLI either, even though the commands may be in there if you restored using ASDM. Https does not work and even if it did it displays the Username and Password in clear text in the URL.

I contacted TAC and was informed this option was removed and that there was no work around.

 

While trying to get the portal reconfigured to use Bookmarks I stumbled across a feature called External Portal. This feature does exactly what the homepage URL feature does, but it still has the option to use Post URLs. Oddly enough the Post URL I had did not work so I tried the PreDefined Application templates and was able to set it up using HTTPS for XenApp, but this time the Username and Password are not displayed in the URL. The below link gives some information on it on page 12, but the process is pretty straight foward.

http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/tunnel.pdf

 

Even after finding this solution I could not find any mention of it online so I decided to post this to hopefully save others the hassle I went through.

Everyone's tags (1)
94
Views
0
Helpful
0
Replies