Interested in using SSL VPN with the ASA box, but have some questions I am hoping someone can verify:
Apparently there are 3 ways it can be utilised:
1. Clientless SSL VPN - A remote client needs only an SSL-enabled web browser
2. Thin-Client SSL VPN (Port Forwarding) - A remote client must download a small Java-based applet
3. SSL VPN Client (SVC-Tunnel Mode) - The SSL VPN Client downloads a small client to the remote workstation
So just that I am on the right track here, if I had clients and wanted absolutely nothing installed\downloaded on them I could go with 1. It may seem an obvious question, but I have found a lot of advertised "clientless" applications actually try to install certain components.
Also, a secondary question, certain web applications do use ActiveX\Java etc..so if I used option 1 and tried to access that required active x control, would the browser just try and attempt to download the control as per normal.