Solved

ASA SSL VPN

Posted on 2013-06-30
8
302 Views
Last Modified: 2013-07-22
We are planning to publish our application URL so that users access this URL from any where.
The access will be through https.
Would like to check if ASA is the best option or is there any other solution which can address this requirement.

Also let me know what type of authentication does Cisco ASA provides for this kind of access.
What are the requirements required for this deployment in Cisco ASA.
0
Comment
Question by:SrikantRajeev
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39288986
Any help
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39289639
Any help
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39290048
I'm unsure what you mean by "publishing our application url". Do you mean that you have a web server that you'd like to allow users on the internet to access? Do you want them to access the application directly, or were you thinking to use the ASA as a proxy by using clientless SSL VPN? I'm just trying to get a hold of the situation.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292099
thanks
I am planning to use ASA as a proxy by using Clientless SSL VPN.
Yes there is a application behind the firewall which is accessed through https by which we would like to users to access it through internet.
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39292104
The asa should be able to handle this without much issue. However.... depending on how the application is secured you may want to consider single sign on. The users will need to first log in to the anyconnect portal, and then when they access the application their credentials dont automatically pass through by default so users will have to essentially sign in twice. Also don't forget to make sure you have the correct licensing. I believe client less is considered anyconnect premium.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292144
thanks & few clarification.
Does this mean if the user starts to access the application the 1st page which gets displayed will be the ASA Any connect portal ? - Let me know if my understanding is right.
Will this authentication will be on the local ASA server ?
Once the user is authenticated then the 2nd level of authentication will be Application authentication ? - Let me know if my understanding is right.

Also let me know if any client or any software it requires to be installed in the client PC/Laptop.
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39292165
You would have two levels of authentication if the application needed authentication. No client would need to be installed, but java might need to be installed.

Alternately, you may want to look at cut through proxy. Google searching will give you an idea what that's all about.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39346903
Thanks
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question