Home > Articles > Cisco Network Technology > General Networking > Configuring Cisco ASA Clientless SSL VPN

Configuring Cisco ASA Clientless SSL VPN

Article Description

Sean Wilkins looks at Cisco's Clientless SSL feature, discussing some of the possible actions that it can support and providing the configuration commands that would be used to enable it to function on the Adaptive Security Appliance (ASA) platform.
Browser Plug-ins

Browser Plug-ins

One of the ways the functionality of the Clientless SSL VPN webpage can be extended is through the use of plug-ins that are uploaded to the ASA and installed. Once this is done, various other functionalities can be added.

Cisco distributes and recommends for main plug-ins, including the following:

  • Terminal Services (RDP)
  • Terminal Services, Vista, Windows 2003 R2 (RDP2)
  • Secure Shell/Telnet
  • Virtual Network Computing Services (VNC)

The configuration and installation of these plug-ins is very simple; the first step involves obtaining the plug-ins from Cisco. (These files are located under the ASA download software section of the Cisco website.)

Once the files have been retrieved. they must be uploaded to the ASA via TFTP; this process is similar to uploading updated software to the ASA (or any other Cisco device).

Once the plug-in has been placed on the ASA. the import configuration is simple and is shown in Table 4.

Table 4: Clientless SSL VPN Plug-in Importation


Import a WebVPN (Clientless SSL VPN) plug-in.

Note: The protocol for the Cisco distributed plug-ins include rdp, rdp2, ssh,telnet (no space), and vnc

asa#import webvpn plug-in protocol protocol URL

An example of what the Clientless SSL VPN webpage will look like after a plug-in has been imported is shown in Figure 4. For this example, the SSH/Telnet plug-in was imported.

Figure 4 Clientless SSL VPN plug-in example

5. Port Forwarding | Next Section Previous Section