Cisco ASA WebVPN (Remote Desktop Connection)(64-bit clients and servers)

Hello

I have been trying to setup a clientless access on Cisco ASA for some TCP application access, especially for remote desktop access.

i need a WebVPN solution; clients running 64-bit and 32-bit windows OSs should access Corporate Terminal Servers via WebVPN. For 32 bit OSs it is ok and running but for 64 bit OSs i do have a problem.

1- I used RDP Plugin for ASA, WebVPN clients can access the Terminal Server inside via Java. One problem is ; When i try to rdp to Terminal Server which is Win 2008 (64-bit) i am getting a Java error = (Wrong Modulus Size ! Expected64 + 8got:264)

2- I configured smart tunnels, any 32-bit client logged on the WebVPN portal can reach the terminal server via rdp.For 64-bit OS Clients, as far as i know it is not supported. Any workaround or solution here ?

Thanks in advance.

PhoenixiscoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Istvan KalmarHead of IT Security Division Commented:
0
DonbooCommented:
There is no work around for 64-bit clients to use smart tunnels. 64-bit is supported with Cisco Anyconnect.


Requirements for Smart Tunnels

To use smart tunnels, you must have the following:

"A browser with either ActiveX or Java and JavaScript.

"32-bit operating system only (you cannot use 32-bit applications on a 64-bit OS).

"Microsoft Windows XP, 2000, or Vista. For Vista, if you are starting smart tunnels from Internet Explorer protected mode, the security appliance must be in the trusted zone.

"If you need a proxy to reach the security appliance, only basic authentication is supported. Also, the remote end (the private side, not the security appliance) must be in the excluded list (or you must configure the application to reach the remote end by its normal address rather than the proxy address).



Here is the officiel ASA VPN/SSL support page.
http://www.cisco.biz/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html#wp97238
0
PhoenixiscoAuthor Commented:
I know that i can use anyconnect for 64-bit OSs, but i am looking for a clientless solution to use with 64-bit OSs.

Smart tunnels : No
Port forwarding : No because it requires admin rights.
RDP Plugin or any other solution ?

regards.
0
DonbooCommented:
RDP plugin is 32-bit plugins so that would fall under no go.

I dont have any other solution besides that making users admins during activex installation (I belive its enough just during installation) and then remove their right again.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Pete LongTechnical ConsultantCommented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.