Solved

What does "Shutdown portal login page" do

Posted on 2013-07-02
3
2,276 Views
Last Modified: 2013-07-02
Hi,

Please could someone explain to me what the following option does on a Cisco ASA:
"Shutdown portal login page"

You can enable this via the ASDM
Configuration > Remote Access VPN > Network (Client) Access > Anyconnect Connection Profiles > Login Page Settings
0
Comment
Question by:Sc0t
  • 2
3 Comments
 
LVL 14

Assisted Solution

by:Raj-GT
Raj-GT earned 500 total points
ID: 39292783
This will disable the SSL VPN Logon page by removing fields to enter username and passwords in effect disabling that anyconnect profile.
0
 

Author Comment

by:Sc0t
ID: 39292828
Hi Raj-GT,

Thank you for your reply.

Can you explain further if I want to create an Anyconnect VPN profile and want to install/configure the software manually on a host machine, if I disable the VPN login page will this also disable that VPN connection?

Reason I ask is we would prefer to install the software manually rather than having a user go to a webpage and have to download/install the Anyconnect software. We would also like it if the webportal page was disabled so that people on the Internet would not be able to try/guess usernames and passwords potentially letting them download and install the Anyconnect software with our profile.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
ID: 39293217
Correct. You cannot disable the portal page and have AnyConnect VPN working.

You can stop the auto installing of the SSL VPN client by not uploading the client pkg files to the ASA in the first place. This way only the clients with the software per-installed will work be able to connect to your VPN. (There is nothing stopping the user from installing the Cisco VPN client from other sources and connect to your VPN though.)

Brute force attacks are a problem with all SSL VPN solutions. You can use certificates or OTP tokens (I have used RSA and SafeWord with Cisco) to prevent this. Check the links below for more details on this.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html

http://www.cisco.com/en/US/docs/security/asa/asa91/asdm71/vpn/vpn_asdm_setup.html#wp1119491

Thanks.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 2921 WIC card 2 59
ipsec tunnel between two small offices, best lowcost equipment 56 159
Cisco ASA LDAP Authentication for VPN and Management 8 36
CISCO Router 1 30
Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question