RDP problem without client

I have a Cisco ASA 5510 8.4.3 running code with the latest plugin installed RDP. Links on the portal without RDP client worked fine until recently. Now the RDP session will start and display the Windows login, but after the connection, the session hangs and you are immediately redirected to the homepage portal of the ASA. RDP works very well when you are using the Windows client and connected via Anyconnect. This only happens when you use IE with ActiveX. Java still works fine. This problem seems to have started after that Microsoft May patches have been released, but I'm running 8.4.3 so the kill bits issue should not be a problem.

Hi Allen,.

If I'm wrong, not the only app that has been affected due to the updated Microsoft's RDP. It is because of the update from Microsoft Security KB 2695962. For more information please visit:

http://TechNet.Microsoft.com/en-us/security/advisory/2695962

The resolution can be found to this:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient.

Although this link provide a workaround, but I have not seen this work.

There are two options to make it work:

1. either uninstall the specified security update

2. upgrade code 8.4 (3.8) (Note: this is not available on cisco.com) but you can improve the ASA to 8.4 (3.9) interim which is available on cisco.com.

I do not know if you shared the exact version of the code that you run on your ASA however if you are running

asa843 - k8.bin, then you will need to follow the steps mentioned above.

Please try running RDP after trying these two steps and let me know if this can help.

Thank you

Vishnu Sharma

Tags: Cisco Security

Similar Questions

VPN without client, RDP Audio

Hello.

I use the VPN client without client to connect to our ASA5510 to 8.3. I use remote desktop to connect to an internal machine. It works very well with the ActiveX and Java.

One thing I want, is to leave the room audio to the remote computer.

Is there a command line for this switch? As "geometry", "console" and so on.

Peter

Hi Peter,.

RDP Audio redirection exists but only for the ActiveX version of the plugin, not the Java one.
Here is how you should define your bookmark if you want to use this feature:

rdp:///?audio=X

Where X can be:

0: Redirect remote sounds to the client computer.

1: Play sounds at the remote computer.

2: Disable sound redirection; do not play sounds at the remote server.

Kind regards

Nicolas

RDP problem :)

Like most RDP problems, this one is very interesting.

I have a Server Windows 2008 R2 have no problem RDPing to. It is functional for 2 years...

Come to find someone I work with is unable to RDP to it. Clearly, there seems to be a problem on his workstation, but I am unable to find a rhyme or reason.

Facts:

Problem workstation, win 7, can RDP to any other server in the environment.

Workstation problem using the latest version of the RDP client.

I can RDP to the workstation server problem (another sense) issue.

I created a new profile on the position of the problem and tried to RDP without credentials saved... didn't work.

Any profile on the position of the problem that I use, I can always telnet to the server on 3389

Yes, it's listening on 3389 since I can get it from other machines

I am unable to find a log file referring to any kind of problem (not really how to for debugging)

While I'm trying to connect, do a netstat - ano shows a connection on the workstation to the server problem

I ping the server by name and the ip address of the workstation problem

I'll probably make a capture of packets at both ends, the problem is the server is the production and work station is heavily used throughout the day.

any ideas?

Hello

Depending on your answer, your computer is connected to a domain network that includes various policies that govern your system and can affect the basic operation of a stand-alone system. So, I suggest you to republish your query on the TechNet forum for best expertise on this issue.

TechNet Forum

http://social.technet.Microsoft.com/forums/en-us/home?category=w7itpro

All the best!

AnyConnect and SSL - VPN without client

Are there problems in running Cisco AnyConnect and SSL - VPN without client side by side?

I am currently looking into adding features for an ASA AnyConnect who currently set up to operate without SSL - VPN client. The system without client is not removed. I don't know how to set it up, I wonder if someone has already set up this or if there is no problem with this Setup?

Hi Daniel

It's a little complicated if you want a granular authentication and authorization, but it works.

I'm running an ASA with IPSec, SSL Client and clientless SSL.

Each of these virtual private networks with user/one-time-password name and certificate based authentic.

The main challenge is to put in place its own structure of profile cards, connection profiles, group policies and dynamic access policies.

Feel free to ask questions...

Stephan

USB modem stop working after long time and I have to unplug then plug it in again, I want to solve this problem without unplugging and plug?

USB modem stop working after long time and I have to unplug then plug it in again, I want to solve this problem without unplugging and plug?

Hi ahmedman_10,

· You follow the steps in the article of my previous answer?

Follow these steps in my previous answer and at the same time this article, follow these methods.

Method 1: Follow the steps in the article.

USB port may stop working after you remove or insert a USB device

Method 2: Update the latest drivers for chipset.

How to manage devices in Windows XP

For reference:

Why my computer does not detect my new USB device when I run Windows XP or Windows Server 2003?

Whenever I try to download something, he said that he could not access APPDATA Error 1606. How can I solve this problem without any of my stuff getting deleted?

Whenever I try to download something, he said that he could not access APPDATA Error 1606. How can I solve this problem without any of my stuff getting deleted?

Hello

1. what Internet browser do you use?

2 are you having the same problem with other browsers also?

Method 1: I suggest you try SFC running [System File Checker] scan on the computer that would be a system file corrupt on the computer search and replace.

http://support.Microsoft.com/kb/929833

Method 2: If the problem persists, you can try the steps mentioned below and check if it helps.

(a) click Start.
(b) type regedit in the Start Search and press enter.
(c) access the site mentioned below.

"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"

(d) then change the appdata read "% USERPROFILE%\AppData\Roaming" thing

Note: This section, method, or task contains steps that tell you how to modify the registry. However, serious problems can occur if you modify the registry incorrectly. Therefore, make sure that you proceed with caution. For added protection, back up the registry before you edit it. Then you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click on the number below to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/)
How to back up and restore the registry in Windows

Hope this information is useful.

External hard drive does not work. Is there another way I could solve the problem without formatting the external hard drive?

My external hard drive works. I tried to plug and when I tried to open it, it says to format the drive until I could use it. Everything works well as when I plugged the USB icon shown on the screen. When I check the disk management, it showed that the partition of the drive is there.

I tried to change the drive letters, but still having the same problem. I also tried to run the disk check on the command prompt and the properties of the drive, but it still can not because there is error popping up saying that the disk check cannot be performed because Windows cannot access the disk.

Is there another way I could solve the problem without formatting the external hard drive?

I tried the first step in troubleshooting the hard drive, but it gives a
error in saying that "hardware changes might not have been detected.

So I tried the second method, and when I click on the "Check now" button his
gives an error saying that "the disk check cannot be performed because .
Windows can not access the disk".".

So is there any other way or option?

Thank you

Jason

Disable without client/browser based VPN.

Guy of HU,

I want to disable VPN access without client in our ASA.

I saw this configuration in ASA:

WebVPN
allow outside
allow inside
AnyConnect essentials
SVC disk0:/anyconnect-win-3.1.01065-k9.pkg 1 image
SVC disk0:/anyconnect-linux-2.4.0202-k9.pkg 2 image
Picture disk0:/anyconnect-macosx-i386-2.4.0202-k9.pkg 3 SVC
enable SVC
tunnel-group-list activate

I disabled the Webvpn with the command "No webvpn. But it looks like that it deactivated the VPN access without customer and with the customer.

Can someone help me with this please?

FC

Hello

By default, you would not be able to access without VPN client anyconnect essential you've enabled in config.

So if you need to disable webvpn access you allow only ssl-client protocol under config group policy.

Discover this config:

ASA - SSLVPN (config) # group - polished

In-house strategy group SSLVPN_ASA ASA - SSLVPN (config) #.

Attributes of SSLVPN_ASA strategy group ASA-SSLVPN (config) #.

Split-tunnel-policy tunnelspecified ASA - SSLVPN (config - Group - Policy) #.

Value of split-tunnel-network-list ASA - SSLVPN (config - Group - Policy) # SPLIT_TUNNEL

ASA - SSLVPN(config-Group-Policy) # Protocol vpn tunnel?

orders/options mode group policy:

IKEv1 IKE version 1

IKEv2 IKE version 2

L2TP ipsec L2TP with IPSec for security

SSL-client SSL VPN Client

SSL-clientless clientless SSL VPN

ASA - SSLVPN(config-Group-Policy) # tunnel - vpn-client-ssl Protocol

But since you have anyconnect essentials enabled in config webvpn you would have no access to clientless VPN.

He only let you to access the services of the Anyconnect client.

Kind regards

Aditya

Please evaluate the useful messages and mark the correct answers.

Can not type 'url-list' without client Anyconnect VPN setup

Hi I am trying set Anyconnect VPN client based on Cisco documents below. There is a command like below. When I typed 'url-list', I can't enter.

Here is example of Cisco:

WebVPN
allow outside
list of URLS ServerList "WSHAWLAP" cifs://10.2.2.2 1
list of URLS ServerList "FOCUS_SRV_1" https://10.2.2.3 2
list of URLS ServerList "FOCUS_SRV_2" http://10.2.2.4 3

Here's my ASA:

VPNFW-70/PRI/Act(config-WebVPN) # url -?

set up the mode commands/options:
URL-block url-url-cache server

My ASA has no choice of the list of URLs when you type '?

Can anyone give me some suggestions? Thank you.

http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

Hello

In the 7.x code all customizations without client was included in the running configuration.
However, referring to this document from cisco:- http://goo.gl/XRkrcO, you can see that this command has been deprecated in 8.X ASA codes.

The best way to configure the bookmarks will use the ASDM or create them on a server and then bring import them to ASA.

Why we can not create bookmarks CLI?

With the introduction of 8.x many more options have been added, allowing greater flexibility. These new options would make the running configuration passes, so they were moved into separate xml files. Indeed, it eliminated the ability to configure a list of bookmark via the CLI.

For more information on this discussion, please refer to this thread: -.
https://supportforums.Cisco.com/discussion/11010546/how-do-i-create-URL-bookmark-WebVPN-Portal-CLI

Kind regards
Dinesh Moudgil

PS Please rate helpful messages.

URL for access without client on SAA

Hello

I have an ASA with anyconnect configured profiles.

In one of these profiles, I want to activate VPN without client.

When I go to https://[asa address] get the instalation Anyconnect page.

How to make in the portal for client access?

Based on the above information, you can't clientless SSL VPN that you have active AnyConnect Essentials.

I saw that you have a license 2 (AnyConnect Essentials and AnyConnect Premium (10)), however, you can only activate one or the other, not both at the same time.

based on your webvpn configuration:

WebVPN

allow outside

AnyConnect essentials

You anyconnect essentials enabled, so you cannot have the premium activated anyconnect.

If you want to test the premium for clientless ssl vpn license, you will need to temporarily disable the anyconnect essentials.

to disable:

WebVPN

No anyconnect essentials

Hope that clears up the confusion.

CSD before logon with VPN policy without client check

I'm testing the CSD before political logon controls while I use the VPN without client. I found that if java is not detected then I will this information, "Weblaunch for Cisco Secure Desktop has failed. If you want to manually start the Cisco Secure Desktop, you can download a native Cisco Secure Desktop Launcher. »

But underneath, I also see "or log in using the link below (some resources may not be available):
Login»

This means that I can bypass the verification before opening of political of CSD session if JAVA is not installed.

Is this good? or I do not miss anything?

You can use Dynamic Access policies (RAP) to perform additional checks. These controls to use CSD and if CDD is not running (or bypass) the DfltAccessPolicy is applied. You can set it to terminate the connection and display a message to the user. Before the DfltAccessPolicy you must have a permissive policy where check you something that is always true (e.g. the all kinds of operating systems) and the value of the action to continue.

If you do not have only clientless connections additional tuning may be necessary.

Update:

A good docs on the verification of existence of CSD:

https://supportforums.Cisco.com/docs/doc-8283

SSL VPN without client

Hi all

I would like to know if, in confuring a SSL VPN mode without client, servers, I need to access must be directly connected to the VPN gateway?

Thank you in advance.

Servers can be anywhere in the network, but routing should be in place to reach VPN gateway.

Thank you

Ajay

I need help with a 1706.Does error message, someone knows how to solve this problem without cost me?

Someone will help me fjnd out what to do and how to fix it. My problem is when I try to install anything, I get an error message 1706. can anyone help me solve this problem without cost me fifty dollars or more

See:

You receive an "error 1706. Setup cannot find the required files...

Update for the application manager has failed. Impossible to reinstall. Cannot use my apps. Get the 43 error message when I try to re - install. Is it possible to fix this problem without a wipe and load?

Update for the application manager has failed. Impossible to reinstall. Cannot use my apps. Get the 43 error message when I try to re - install. Is it possible to fix this problem without a wipe and load?

Error 43 https://forums.adobe.com/thread/2070909

Without client VMware View

Setting up a server of security for our Organization. Initially, I was happy because I imagined that most of our users could potentially connect to our farm from view with no client installation needed and simply make use of the RDP in Windows client. However, it quickly became obvious that the VMware View Client must be on the system before connecting. If the view Client simply uses RDP to connect to the farm from the view in any case, why should a download client? It would be a huge advantage over Citrix, if it was made possible.
Philippe

You can have your users go to the web address of the server your connection and you connect this way. It automatically installs the client. If it works for you?

RDP problem without client

Similar Questions

Maybe you are looking for