Solved

Cisco ASA WebVPN (Remote Desktop Connection)(64-bit clients and servers)

Posted on 2009-07-04
5
5,831 Views
Last Modified: 2012-05-07
Hello

I have been trying to setup a clientless access on Cisco ASA for some TCP application access, especially for remote desktop access.

i need a WebVPN solution; clients running 64-bit and 32-bit windows OSs should access Corporate Terminal Servers via WebVPN. For 32 bit OSs it is ok and running but for 64 bit OSs i do have a problem.

1- I used RDP Plugin for ASA, WebVPN clients can access the Terminal Server inside via Java. One problem is ; When i try to rdp to Terminal Server which is Win 2008 (64-bit) i am getting a Java error = (Wrong Modulus Size ! Expected64 + 8got:264)

2- I configured smart tunnels, any 32-bit client logged on the WebVPN portal can reach the terminal server via rdp.For 64-bit OS Clients, as far as i know it is not supported. Any workaround or solution here ?

Thanks in advance.

0
Comment
Question by:Phoenixisco
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24777839
0
 
LVL 9

Expert Comment

by:Donboo
ID: 24780529
There is no work around for 64-bit clients to use smart tunnels. 64-bit is supported with Cisco Anyconnect.


Requirements for Smart Tunnels

To use smart tunnels, you must have the following:

"A browser with either ActiveX or Java and JavaScript.

"32-bit operating system only (you cannot use 32-bit applications on a 64-bit OS).

"Microsoft Windows XP, 2000, or Vista. For Vista, if you are starting smart tunnels from Internet Explorer protected mode, the security appliance must be in the trusted zone.

"If you need a proxy to reach the security appliance, only basic authentication is supported. Also, the remote end (the private side, not the security appliance) must be in the excluded list (or you must configure the application to reach the remote end by its normal address rather than the proxy address).



Here is the officiel ASA VPN/SSL support page.
http://www.cisco.biz/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html#wp97238
0
 

Author Comment

by:Phoenixisco
ID: 24783174
I know that i can use anyconnect for 64-bit OSs, but i am looking for a clientless solution to use with 64-bit OSs.

Smart tunnels : No
Port forwarding : No because it requires admin rights.
RDP Plugin or any other solution ?

regards.
0
 
LVL 9

Accepted Solution

by:
Donboo earned 500 total points
ID: 24787440
RDP plugin is 32-bit plugins so that would fall under no go.

I dont have any other solution besides that making users admins during activex installation (I belive its enough just during installation) and then remove their right again.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 35816030
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now