Rdp plug-in activex debug quick reference – Cisco ASA 5505 User Manual

Page 1690

Advertising
background image

74-104

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Browser Access to Client-Server Plug-ins

Prerequisites

The plug-ins do not work if the security appliance configures the clientless session to use a proxy
server.

Note

The remote desktop protocol plug-in does not support load balancing with a session broker.
Because of the way the protocol handles the redirect from the session broker, the connection
fails. If a session broker is not used, the plug-in works.

The plug-ins support single sign-on (SSO). They use the same credentials entered to open the
clientless SSL VPN session. Because the plug-ins do not support macro substitution, you do not
have the options to perform SSO on different fields such as the internal domain password or on an
attribute on a RADIUS or LDAP server.

To configure SSO support for a plug-in, you install the plug-in, add a bookmark entry to display a
link to the server, and specify SSO support when adding the bookmark.

The minimum access rights required for remote use belong to the guest privilege mode.

Requirements

Per the GNU General Public License (GPL), Cisco redistributes plug-ins without having made any
changes to them. Per the GPL, Cisco cannot directly enhance these plug-ins.

Clientless SSL VPN must be enabled on the ASA to provide remote access to the plug-ins.

A stateful failover does not retain sessions established using plug-ins. Users must reconnect
following a failover.

Plug-ins require ActiveX or Sun JRE 5, Update 1.4 or later (JRE 6 or later recommended) to be
enabled on the browser. An ActiveX version of the RDP plug-in is unavailable for 64-bit browsers.

RDP Plug-in ActiveX Debug Quick Reference

To set up and use an RDP plug-in, you must add a new environment variable. For the process of adding
a new environment variable, use the following steps:

Step 1

Right-click My Computer to access the System Properties and choose the Advanced tab.

Step 2

On the Advanced tab, choose the environment variables button.

Step 3

In the new user variable dialog box, enter the RF_DEBUG variable.

Step 4

Verify the new Environment Variable in the user variables section.

Step 5

If you used the client computer with versions of WebVPN before version 8.3, you must remove the old
Cisco Portforwarder Control. Go to the C:/WINDOWS/Downloaded Program Files directory, right-click
portforwarder control, and choose Remove.

Step 6

Clear all of the Internet Explorer browser cache.

Step 7

Launch your WebVPN session and establish an RDP session with the RDP ActiveX Plug-in.

You can now observe events in the Windows Application Event viewer.

Advertising