What does "Shutdown portal login page" do

Hi,

Please could someone explain to me what the following option does on a Cisco ASA:
"Shutdown portal login page"

You can enable this via the ASDM
Configuration > Remote Access VPN > Network (Client) Access > Anyconnect Connection Profiles > Login Page Settings
Sc0tAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Raj-GTConnect With a Mentor Systems EngineerCommented:
Correct. You cannot disable the portal page and have AnyConnect VPN working.

You can stop the auto installing of the SSL VPN client by not uploading the client pkg files to the ASA in the first place. This way only the clients with the software per-installed will work be able to connect to your VPN. (There is nothing stopping the user from installing the Cisco VPN client from other sources and connect to your VPN though.)

Brute force attacks are a problem with all SSL VPN solutions. You can use certificates or OTP tokens (I have used RSA and SafeWord with Cisco) to prevent this. Check the links below for more details on this.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html

http://www.cisco.com/en/US/docs/security/asa/asa91/asdm71/vpn/vpn_asdm_setup.html#wp1119491

Thanks.
0
 
Raj-GTConnect With a Mentor Systems EngineerCommented:
This will disable the SSL VPN Logon page by removing fields to enter username and passwords in effect disabling that anyconnect profile.
0
 
Sc0tAuthor Commented:
Hi Raj-GT,

Thank you for your reply.

Can you explain further if I want to create an Anyconnect VPN profile and want to install/configure the software manually on a host machine, if I disable the VPN login page will this also disable that VPN connection?

Reason I ask is we would prefer to install the software manually rather than having a user go to a webpage and have to download/install the Anyconnect software. We would also like it if the webportal page was disabled so that people on the Internet would not be able to try/guess usernames and passwords potentially letting them download and install the Anyconnect software with our profile.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.