72-31
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter72 Configuring Clientless SSL VPN
Configuring Browser Access to Plug-ins
rdp to provide plug-in access to Remote Desktop Protocol services. Then specify the path to
the rdp-plugin.jar file in the Remote Server field.
ssh,telnet to provide plug-in access to both Secure Shell and Telnet services. Then specify the
path to the ssh-plugin.jar file in the Remote Server field.
vnc to provide plug-in access to Virtual Network Computing services. Then specify the path to
the vnc-plugin.jar file in the Remote Server field.
Note Any undocumented options in this menu are experimental and are not supported.
Select a file—Click one of the following options and insert a path into its text field.
Local computer—Click to retrieve the plug-in from the computer with which you have
established the ASDM session. Enter the location and name of the plug-in into the associated
Path field, or click Browse Local Files and navigate to the plug-in, choose it, then click Select.
Flash file system—Click if the plug-in is present on the file system of the ASA. Enter the
location and name of the plug-in into the associated Path field, or click Browse Flash and
navigate to the plug-in, choose it, then click OK.
Remote Server—Click to retrieve the plug-in from a host running an FTP or TFTP server.
Choose ftp, tftp, or HTTP from the drop-down menu next to the associated Path attribute,
depending on which service is running on the remote server. Enter the host name or address of
the server and the path to the plug-in into the adjacent text field.
Step6 Click Import Now.
Step7 Click Apply.
The plug-in is now available for future clientless SSL VPN sessions.
Providing Access to Third-Party Plug-ins
The open framework of the security appliance lets you add plug-ins to support third-party Java
client/server applications. The POST plug-in was developed to solve some key single sign-on (SSO) and
homepage requirements for certain applications like Citrix Web Interface. This clientless SSL VPN
plug-in as the following key capabilities:
The option to display the homepage for a Web application (such as Citrix) in the right frame, as part
of the default clientless portal, or as the only frame in the page (completely hiding anything that is
part of the Cisco portal).
The option for SSO on the homepage or with an application using WebVPN variables (also known
as macros) (and therefore HTTP-POST parameters).
The option to preload a page before issuing a POST request. This option becomes necessary when
a logon page for an application sets some cookies.
Restrictions
Cisco does not provide direct support for or recommend any particular plug-ins that are not
redistributed by Cisco. As a provider of clientless SSL VPN services, you are responsible for
reviewing and complying with any license agreements required for the use of plug-ins.
It is strictly an HTML/JavaScript code and not a JAVA plug-in. It contains no client components.