74-113
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Configuring Remote Systems to Use Clientless SSL VPN Features
b. Verify that no JAVA icons are in the computer task bar.
c. Close all instances of JAVA.
d. Establish a clientless SSL VPN session and launch the port forwarding JAVA applet.
You must have Javascript enabled on the browser. By default, it is enabled.
If necessary, you must configure client applications.
Note The Microsoft Outlook client does not require this configuration step. All non-Windows
client applications require configuration. To determine if configuration is necessary for a
Windows application, check the value of the Remote Server field. If the Remote Server field
contains the server hostname, you do not need to configure the client application. If the
Remote Server field contains an IP address, you must configure the client application.
Restrictions
Because this feature requires installing Sun Microsystems Java™ Runtime Environment and configuring
the local clients, and because doing so requires administrator permissions on the local system or full
control of C:\windows\System32\drivers\etc, it is unlikely that users will be able to use applications
when they connect from public remote systems.
Detailed Steps
.To configure the client application, use the server’s locally mapped IP address and port number. To find
this information:
1. Start a clientless SSL VPN session and click the Application Access link on the Home page. The
Application Access window appears.
2. In the Name column, find the name of the server you want to use, then identify its corresponding
client IP address and port number (in the Local column).
3. Use this IP address and port number to configure the client application. Configuration steps vary for
each client application.
Note Clicking a URL (such as one in an -e-mail message) in an application running over a clientless
SSL VPN session does not open the site over that session. To open a site over the session, paste
the URL into the Enter Clientless SSL VPN (URL) Address field.
Using E-mail Via Port Forwarding
To use e-mail, start Application Access from the clientless SSL VPN home page. The mail client is then
available for use.
Note If you are using an IMAP client and you lose your mail server connection or are unable to make a new
connection, close the IMAP application and restart clientless SSL VPN.
Prerequisites
You must fulfill requirements for application access and other mail clients.