Cisco WebVPN configuration on ASA

[mrCide]

We have a Cisco ASA5510 that was being used as our firewall as well as for VPN. We transitioned our firewall off of the unit to a Fortinet deal, but we're still using the ASA for VPN. VPN is currently configured and is working well with our users using the Cisco VPN client.

I've been asked to configure WebVPN (clientless) as an alternative for users to access intranet web sites, file shares, and remote (TS) servers. I've followed this guide: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml and have some things working. I'm able to login and see the browse web and network boxes, but beyond that I really have no clue. The "Servers and URLs" section in the ASDM doesn't seem to be working how I'm expecting, nor is browsing anything, be it web site or file share -- not seeing how to pass credentials, etc.

Just got a pointless connection that I can't do anything with, anyone experienced with this who could provide some details? 🙂

 

[Jamsan]

For starters, make sure you have routes to and from your LAN both on the ASA and internal network side. From there, make sure there's no firewall preventing access to the inside. If everything is configured correctly at that point, you should get at least basic connectivity (browsing web sites by IP, etc.) From there, you can configure SSO if you're using LDAP (authenticate to AD enabled websites).

 

[mrCide]

Routes all seem to be in place since it was configured prior to me looking at it by a 3rd party who managed our network. Our users are currently just using the VPN client you install which is good, VPN from my iPhone works great. Just this webvpn junk, since I'm no pro here I'm not sure how to get basic connectivity once the user logs into the webvpn. I suppose once I get something to respond then I can move onto the next step which is authenticate 🙂