No announcement yet.

cisco vpn over https

  • Filter
  • Time
  • Show
Clear All
new posts

  • cisco vpn over https

    I wanted to create a new citrix metaframe here (At my new job), and was denied by my managers, so I am looking into doing this instead.

    I have read about this, but I am wondering if anyone has done this yet, so that the cisco vpn client is not needed, and you can connect by just hitting a secure web page.

    Easy or no??
    Last edited by aschwartz; 12th January 2009, 17:17.

  • #2
    Re: cisco vpn over https

    It depends on the Router and IOS you are running..

    I run a ASA 5510 and I purchased 10 SSL Licenses.
    w/ 8.04 (I believe)

    The ASA calls it webvpn and there are several options.
    1) Download / run the client from the web site (via Java)
    ^^ Functions the same as a standard VPN except no preinstalled software
    2) Configure a "Portal" to allow access to the network

    A few limitations I have found..
    > Java is not created equally and some people can RDP into my Terminal server with no errors, others crash and have to reload.
    > The SSL License is not given back to the router on discconect (IE: I Logout and the stsrem keeps the license in use until I timeout from the settings)
    > Split Tunnelling is completely ignored

    * And yes, I have an active contract with Cisco and they tell me things will keep getting better with each new release of the os. *

    The best option is still #1 as it will give full VPN access to your clients, without random crashes. It essentially converts them to VPN Clients instead of true "Clientless VPN", but until they work out the bugs I prefer my phone not ring all the time.

    Anyone else have any thoughts?