1-38
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Configuring Browser Access to Plug-ins
A browser plug-in is a separate program that a web browser invokes to perform a dedicated function,
such as connect a client to a server within the browser window. The ASA lets you import plug-ins for
download to remote browsers in clientless SSL VPN sessions. Of course, Cisco tests the plug-ins it
redistributes, and in some cases, tests the connectivity of plug-ins we cannot redistribute. However, we
do not recommend importing plug-ins that support streaming media at this time.
The ASA does the following when you install a plug-in onto the flash device:
• (Cisco-distributed plug-ins only) Unpacks the jar file specified in the URL.
• Writes the file to the ASA file system.
• Populates the drop-down menu next to the URL attributes in ASDM.
• Enables the plug-in for all future clientless SSL VPN sessions, and adds a main menu option and an
option to the drop-down menu next to the Address field of the portal page.
Table 1-5 shows the changes to the main menu and address field of the portal page when you add the
plug-ins described in the following sections.
* Not a recommended plug-in.
When the user in a clientless SSL VPN session clicks the associated menu option on the portal page, the
portal page displays a window to the interface and displays a help pane. The user can select the protocol
displayed in the drop-down menu and enter the URL in the Address field to establish a connection.
The plug-ins support single sign-on (SSO). Refer to the “Configuring SSO with the HTTP Form
Protocol” section on page 1-23 for implementation details.
The minimum access rights required for remote use belong to the guest privilege mode.
Prerequisites
• Clientless SSL VPN must be enabled on the ASA to provide remote access to the plug-ins.
• To configure SSO support for a plug-in, you install the plug-in, add a bookmark entry to display a
link to the server, and specify SSO support when adding the bookmark.
• The minimum access rights required for remote use belong to the guest privilege mode.
• Plug-ins require ActiveX or Oracle Java Runtime Environment (JRE), see the compatibility matrix
for version requirements.
Table 1-5 Effects of Plug-ins on the Clientless SSL VPN Portal Page
Plug-in Main Menu Option Added to Portal Page Address Field Option Added to Portal Page
ica Citrix MetaFrame Services ica://
rdp Terminal Servers rdp://
rdp2* Terminal Servers Vista rdp2://
ssh,telnet Secure Shell ssh://
Telnet services (supporting v1 and v2) telnet://
vnc Virtual Network Computing services vnc://
To Next Page
Loading...
Need help?
General
