Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

WebVPN Auto-Signon with RDP

Hello,

I have a question about WebVPN and AutoSignon.

We have an ASA5510 and we use the SSL WebVPN. We are developing a terminal server for application access and are connecting to it with the webvpn. However, I'd like to use auto-signon. We are using LDAP authentication to sign into the webvpn. In other enviornments, I have used auto-signon to access web pages. I am just not sure how to do it with RDP, or if it can be done with rdp. The terminal server is going to be running windows server 2008 & I am assuming that we will need to modify some of the terminal services policies to allow the credentials to pass through. We'd like to not require the user to input username and password again.

I've also used the ASA RDP client.

We aren't using single-sign on, ie we don't have any kind of third party protect running. We just use the ASA & Active directory.

So, has anyone ever done any kind of auto-signon with RDP?

As a added benefit, it would be good to integrate TS Remote Apps with the WebVPN. TS Remote apps creates a rdp file that would execute a single application on the terminal server. While it's actually an rdp session, it appears to the end user as a locally installed application. Does anyone have any experience with appling a predefined RDP file or a TS Remtoe app to the webvpn?

Just to shore up my understanding, when you access the rdp client with the webvpn, is the ASA running it's own RDP client or is it accessing the RDP client on the web-client's computer?

And, does anyone know of any documents that describes all the parameters that can be used on the WebVPN RDP client? Maybe there are some other parameters in there that would help.

Thanks,

Ben

Everyone's tags (6)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: WebVPN Auto-Signon with RDP

RDP Plugin supports single sign on (SSO) feature.

Here is the URL for your reference (it also explains about the plugin itself and SSO):

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/webvpn.html#wp1292744

Here is the auto-sign-on sample configuration:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9ff.shtml

Hope that helps.

5 REPLIES
Cisco Employee

Re: WebVPN Auto-Signon with RDP

RDP Plugin supports single sign on (SSO) feature.

Here is the URL for your reference (it also explains about the plugin itself and SSO):

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/webvpn.html#wp1292744

Here is the auto-sign-on sample configuration:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9ff.shtml

Hope that helps.

New Member

Re: WebVPN Auto-Signon with RDP

Thanks Alot, but I am still having some trouble with the Auto Signon.

I got the client downloaded, configured, etc. However, the autosignon isn't working.

If I enable POST parameters from within the ASDM for the bookmark, I get an error through the webvpn.

     these are the parameters:

     Name                       Value

     username                 CSCO_WEBVPN_USERNAME

     password                  CSCO_WEBVPN_PASSWORD

     destination                192.168.2.1

     192.168.2.1 is the ip address of the terminal server.

     the error that I get in the webvpn is Can not find server .plugins. or DNS error. However, if I remove the post parameters I at least get to the login screen of the terminal server.

I also have the following commands applied:

auto-signon allow ip 192.168.2.1 255.255.255.255 auth-type ntlm
smart-tunnel auto-signon RDP ip 192.168.2.1 255.255.255.255

Any Suggestions?

Thanks,

Ben

New Member

Re: WebVPN Auto-Signon with RDP

Thanks Again for the info. I called the TAC and we got it to work with the &csco_sso=1parameter in the bookmark.

Next question is whether or not there is a parameter for color depth.

New Member

Re: WebVPN Auto-Signon with RDP

Hi Benjamin

I'm having some similar problems to the details you posted here, can you please clarify where you entered '&csco_sso=1parameter' and did you keep the following config under the post parameters:

Name                       Value

     username                 CSCO_WEBVPN_USERNAME

     password                  CSCO_WEBVPN_PASSWORD

     destination                192.168.2.1

Kind Regards

Terry

New Member

Re: WebVPN Auto-Signon with RDP

Terry,

I put those parameters in the address feild of the link.

No, I don't believe I kept those other post parameters.

4196
Views
0
Helpful
5
Replies
CreatePlease to create content