Solved

Accessing Sharepoint 2010 Site Remotely using Cisco ASA Clientless VPN

Posted on 2010-08-31
2
4,727 Views
Last Modified: 2012-05-10
We have a Cisco ASA 5520 running IOS 8.2(1), which is set up for clientless VPN (WebVPN) for external access to a few Sharepoint sites.  We were using Sharepoint 2007 previously, and we didn't have any issues.  Now that we have upgraded our Sharepoint infrastructure to 2010, the sites won't load through clientless SSL VPN.  When I click on the link in the Bookmarks for SSL VPN, all I get is 'Page Could Not Be Displayed".  The Sharepoint 2010 sites work fine inside, and externally when connected with the AnyConnect client.  The Sharepoint 2007 sites still load through clientless VPN, as do any of the other websites we host internally, except for Sharepoint 2010.  I do not get any notifications via the syslog when the Sharepoint site doesn't load.

Anyone run into this problem and find a solution?  Cisco.com lists some incompatibilities with Sharepoint 2010, so perhaps this just doesn't work at all at current time?  Would like to know for sure though.  Thanks in advance for any assistance.
0
Comment
Question by:hachemp
2 Comments
 
LVL 4

Expert Comment

by:Zupreme
ID: 33571115
Please follow the following steps:

1) Identify the Hostname and the IP address of your SharePoint server.
2) Connect to the WebVPN and try connecting to SharePoint via IP address (i.e. http://192.168.x.x/default.aspx)
3a) If step 2 was successful, log into your ASA and configure the DNS settings for WebVPN, and ensure that you have an Access list that will allow DNS traffic
3b) If step 2 was unsuccessful, log into your ASA and ensure that you have an Access list that will allow HTTP/HTTPS, and ICMP between your WebVPN clients and your internal network.  Also disable NAT translation between the two networks.
0
 

Accepted Solution

by:
hachemp earned 0 total points
ID: 33572091
Thanks Zupreme, I attempted to try what you suggested, however, Sharepoint uses host headers, so even inside the network, the Sharepoint site will not load by IP address...it needs the full DNS entry.  I have not specifically added any settings for DNS for Clientless connections, but all other DNS resolves through the Clientless VPN, so I wouldn't think it was a problem with DNS, except....

I actually got it to work by enabling the Smart Tunnel option on that particular bookmark, but here's the catch: our internal DNS doesn't seem to work with Smart Tunneling.  The bookmarks that worked fine when not smart tunnelled, now are using external (internet) DNS once the smart tunnel option is enabled.  This is a problem as we don't actually own the external domain name corresponding with our internal domain name (sucks).  So to get it to work, our Sharepoint admin set up the Sharepoint site to be accessed by a port number, so my bookmark was (for example): 10.1.1.2:32784.  This works to get me to the Sharepoint site home page, but since Sharepoint wants host headers, a lot of the content on the page would not load correctly.

So now I'm trying to figure out why our internal DNS stops functioning once the bookmarks are configured with the Smart Tunnel option.  Any ideas?  Thanks again, I really appreciate the help on this.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now