Rdp plug-in activex debug quick reference – Cisco ASA 5505 User Manual

74-104

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Browser Access to Client-Server Plug-ins

Prerequisites

•

The plug-ins do not work if the security appliance configures the clientless session to use a proxy
server.

Note

The remote desktop protocol plug-in does not support load balancing with a session broker.
Because of the way the protocol handles the redirect from the session broker, the connection
fails. If a session broker is not used, the plug-in works.

•

The plug-ins support single sign-on (SSO). They use the same credentials entered to open the
clientless SSL VPN session. Because the plug-ins do not support macro substitution, you do not
have the options to perform SSO on different fields such as the internal domain password or on an
attribute on a RADIUS or LDAP server.

•

To configure SSO support for a plug-in, you install the plug-in, add a bookmark entry to display a
link to the server, and specify SSO support when adding the bookmark.

•

The minimum access rights required for remote use belong to the guest privilege mode.

Requirements

•

Per the GNU General Public License (GPL), Cisco redistributes plug-ins without having made any
changes to them. Per the GPL, Cisco cannot directly enhance these plug-ins.

•

Clientless SSL VPN must be enabled on the ASA to provide remote access to the plug-ins.

•

A stateful failover does not retain sessions established using plug-ins. Users must reconnect
following a failover.

•

Plug-ins require ActiveX or Sun JRE 5, Update 1.4 or later (JRE 6 or later recommended) to be
enabled on the browser. An ActiveX version of the RDP plug-in is unavailable for 64-bit browsers.

RDP Plug-in ActiveX Debug Quick Reference

To set up and use an RDP plug-in, you must add a new environment variable. For the process of adding
a new environment variable, use the following steps:

Step 1

Right-click My Computer to access the System Properties and choose the Advanced tab.

Step 2

On the Advanced tab, choose the environment variables button.

Step 3

In the new user variable dialog box, enter the RF_DEBUG variable.

Step 4

Verify the new Environment Variable in the user variables section.

Step 5

If you used the client computer with versions of WebVPN before version 8.3, you must remove the old
Cisco Portforwarder Control. Go to the C:/WINDOWS/Downloaded Program Files directory, right-click
portforwarder control, and choose Remove.

Step 6

Clear all of the Internet Explorer browser cache.

Step 7

Launch your WebVPN session and establish an RDP session with the RDP ActiveX Plug-in.

You can now observe events in the Windows Application Event viewer.