?
Solved

ASA SSL VPN

Posted on 2013-06-30
8
Medium Priority
?
311 Views
Last Modified: 2013-07-22
We are planning to publish our application URL so that users access this URL from any where.
The access will be through https.
Would like to check if ASA is the best option or is there any other solution which can address this requirement.

Also let me know what type of authentication does Cisco ASA provides for this kind of access.
What are the requirements required for this deployment in Cisco ASA.
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39288986
Any help
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39289639
Any help
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 2000 total points
ID: 39290048
I'm unsure what you mean by "publishing our application url". Do you mean that you have a web server that you'd like to allow users on the internet to access? Do you want them to access the application directly, or were you thinking to use the ASA as a proxy by using clientless SSL VPN? I'm just trying to get a hold of the situation.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292099
thanks
I am planning to use ASA as a proxy by using Clientless SSL VPN.
Yes there is a application behind the firewall which is accessed through https by which we would like to users to access it through internet.
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 2000 total points
ID: 39292104
The asa should be able to handle this without much issue. However.... depending on how the application is secured you may want to consider single sign on. The users will need to first log in to the anyconnect portal, and then when they access the application their credentials dont automatically pass through by default so users will have to essentially sign in twice. Also don't forget to make sure you have the correct licensing. I believe client less is considered anyconnect premium.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292144
thanks & few clarification.
Does this mean if the user starts to access the application the 1st page which gets displayed will be the ASA Any connect portal ? - Let me know if my understanding is right.
Will this authentication will be on the local ASA server ?
Once the user is authenticated then the 2nd level of authentication will be Application authentication ? - Let me know if my understanding is right.

Also let me know if any client or any software it requires to be installed in the client PC/Laptop.
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 2000 total points
ID: 39292165
You would have two levels of authentication if the application needed authentication. No client would need to be installed, but java might need to be installed.

Alternately, you may want to look at cut through proxy. Google searching will give you an idea what that's all about.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39346903
Thanks
0

Featured Post

Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question