Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

ASA SSL VPN

Posted on 2013-06-30
8
305 Views
Last Modified: 2013-07-22
We are planning to publish our application URL so that users access this URL from any where.
The access will be through https.
Would like to check if ASA is the best option or is there any other solution which can address this requirement.

Also let me know what type of authentication does Cisco ASA provides for this kind of access.
What are the requirements required for this deployment in Cisco ASA.
0
Comment
Question by:SrikantRajeev
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39288986
Any help
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39289639
Any help
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39290048
I'm unsure what you mean by "publishing our application url". Do you mean that you have a web server that you'd like to allow users on the internet to access? Do you want them to access the application directly, or were you thinking to use the ASA as a proxy by using clientless SSL VPN? I'm just trying to get a hold of the situation.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292099
thanks
I am planning to use ASA as a proxy by using Clientless SSL VPN.
Yes there is a application behind the firewall which is accessed through https by which we would like to users to access it through internet.
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39292104
The asa should be able to handle this without much issue. However.... depending on how the application is secured you may want to consider single sign on. The users will need to first log in to the anyconnect portal, and then when they access the application their credentials dont automatically pass through by default so users will have to essentially sign in twice. Also don't forget to make sure you have the correct licensing. I believe client less is considered anyconnect premium.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292144
thanks & few clarification.
Does this mean if the user starts to access the application the 1st page which gets displayed will be the ASA Any connect portal ? - Let me know if my understanding is right.
Will this authentication will be on the local ASA server ?
Once the user is authenticated then the 2nd level of authentication will be Application authentication ? - Let me know if my understanding is right.

Also let me know if any client or any software it requires to be installed in the client PC/Laptop.
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39292165
You would have two levels of authentication if the application needed authentication. No client would need to be installed, but java might need to be installed.

Alternately, you may want to look at cut through proxy. Google searching will give you an idea what that's all about.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39346903
Thanks
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WLC 5508 controller configuration 4 98
Connect two buildings 6 47
Accessing two networks from one PC 30 110
Top honey pots & reviews of canary 7 22
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question