Vista Clientless WebVPN and ASA v 8.02 - No Clientless for Vista
We are having a problem after configuring an ASA WebVPN to do Clientless. When a non Windows Vista system connects the clientless SSL Web VPN works just fine via the HTTPS:// address. If a Windows Vista system connects, it won't do it via the Clientless. Instead it downloads the Java Any Connect client from the ASA and wants to connect to the web VPN via the client. Does Vista work with the Clientless VPN? Do we have to use Any Connect with Vista?
We do have these commands on the ASA v8.02:
svc image disk0:/sslclient-win-220.127.116.11.pkg 1
svc image disk0:/anyconnect-win-2.0.0343-k9.pkg 2
If we take off the Windows AnyConnect, will Vista use the Clientless?
Re: Vista Clientless WebVPN and ASA v 8.02 - No Clientless for V
Vista certainly works in clientless mode, so you will need to look around your configuration a little more. I configured a dozen ASAs with SSL VPN and have both clientless and SVC working across the Windows operating systems.
Immediately launching the SVC after login is a function of the group policy. Here is an example:
group-policy MFA-Demo-01 attributes
svc ask none default svc
The options for the 'Post Login' setting are to prompt/not-promt, and 'Go to...portal' or 'Download SSL VPN Client'. (You will find this in ASDM at Remote Access VPN > Clientless SSL VPN Access > Group Policies (Edit a policy) > More Options > Login Setting).
Do you have more than one policy configured?
One of them may be configured this way.
Also, you can monitor the logs, as they indicate the Group Policy that a user is assigned to when they authenitcate an SSL VPN connection.
Taking off AnyConnect will likely break the group policy.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :