Solved

What does "Shutdown portal login page" do

Posted on 2013-07-02
3
2,108 Views
Last Modified: 2013-07-02
Hi,

Please could someone explain to me what the following option does on a Cisco ASA:
"Shutdown portal login page"

You can enable this via the ASDM
Configuration > Remote Access VPN > Network (Client) Access > Anyconnect Connection Profiles > Login Page Settings
0
Comment
Question by:Sc0t
  • 2
3 Comments
 
LVL 14

Assisted Solution

by:Raj-GT
Raj-GT earned 500 total points
Comment Utility
This will disable the SSL VPN Logon page by removing fields to enter username and passwords in effect disabling that anyconnect profile.
0
 

Author Comment

by:Sc0t
Comment Utility
Hi Raj-GT,

Thank you for your reply.

Can you explain further if I want to create an Anyconnect VPN profile and want to install/configure the software manually on a host machine, if I disable the VPN login page will this also disable that VPN connection?

Reason I ask is we would prefer to install the software manually rather than having a user go to a webpage and have to download/install the Anyconnect software. We would also like it if the webportal page was disabled so that people on the Internet would not be able to try/guess usernames and passwords potentially letting them download and install the Anyconnect software with our profile.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 500 total points
Comment Utility
Correct. You cannot disable the portal page and have AnyConnect VPN working.

You can stop the auto installing of the SSL VPN client by not uploading the client pkg files to the ASA in the first place. This way only the clients with the software per-installed will work be able to connect to your VPN. (There is nothing stopping the user from installing the Cisco VPN client from other sources and connect to your VPN though.)

Brute force attacks are a problem with all SSL VPN solutions. You can use certificates or OTP tokens (I have used RSA and SafeWord with Cisco) to prevent this. Check the links below for more details on this.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html

http://www.cisco.com/en/US/docs/security/asa/asa91/asdm71/vpn/vpn_asdm_setup.html#wp1119491

Thanks.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now