WEBVPN ASA 9.1 + VMWARE VDI

Similar Questions

• WebVPN ASA "Customization of help" is not up to date

  Hello

  I have a set the clientless VPN (WebVPN) ASA for a customer portal that you am only using the plugin RDP Protocol.  I would rephrase the RDP help that appears on the RIGHT side of the screen once the user is logged in, because the text is quite vervbose and especially does not apply to my deployment (I only provided bookmarks for RDP sessions, no manual entry or navigation were allowed).

  I tried to download a .htm file to the 'personalization help' for RDP but after connection via a WebVPN session the new page simply does not, all I have is the standard on the box help page.

  It sounds pretty simple and I followed the steps in this document

  http://www.Cisco.com/en/us/products/ps6120/products_tech_note09186a008094abcb.shtml#helpapps

  I tried a lot of files with different extensions all this without a bit of luck.  Y at - there are simple somehting that I'm missing or that simply not work?

  I tried on 8.0 (4) and 8.4 (1) with the same results (or not), someone at - he never had any luck with this?

  Thanks to all in advance.

  Hello

  How do import you exactly? What language option do you use? Tried "in" ASA is set to default ' fr', for other languages that the "us - in ' respective translation table necessary to add

  Thank you

  Asim

• VMware VDI vs VMware View Horizon?

  Hi all

  This should be easy for you, the gurus of VMware

  I have a requirement to expand a network of a single
  location central out for a large company and I am looking to use Thin
  Customers in the new corporate reach in a VMware VDI environment offices
  in the center of data centralized where we already have a full blown 5 of Vsphere
  environment for our servers.

  I was originally looking for VMware VDI via VDA (http://download3.vmware.com/demos/vdi/)
  and was sold on the idea that it would be a good choice given the WAN
  traffic to the Thin Client workstations based on RDP/PCoIP and so
  not particularly heavy.

  However since then looked back to VMWare View and this
  seeks to do the same thing that the VDI put in place and seems to have much more
  information about this.

  I first thought that VMware View Horizon set caching of desktop
  locally (as for a profile of the end user on the WAN) has no sound
  too good to the traffic congestion, etc. so I rejected directly at the exit!

  Can someone tell me if the VDI via the VDA solution has been replaced
  VMware View Horizon? And if so point me a definitive guide for VMware View

  Thanks in advance

  David

  Network humble himself in VMware engineer!

  The link in your feed was on VDM 2.0 which was the first iteration of VMware VDI market.    The most recent is VMware view Horizon which can be found here, Horizon of VMware View (formerly VMware View) (VDI) Virtual Desktop Manager | United States of America.     There is a lot of information on this page that you can see and if you have any questions please do not hesitate to post them in this forum.

• Vmware VDI Soluções

  BOM dia amigos, tudo bem?

  Sober posso catch information wave as Soluções da of Vmware VDI, nao a nivel conceito POI sei as a Solução chama - is Vmware View entendo o conceito e da tecnologia of VDI, mas o than preciso e documentacao tecnica as Fall da settlements Solução da, cenario, material Chipre e da locations em TR.

  Obrigado e aguardo let.

  Ivanildo Galvão

  MCP MCSA MCT

  I think ja e um bom comeco. ABC!

  If you have found this information useful, please consider awarding points to 'Correct' or 'Useful'*.

• Authorization of RADIUS WebVPN ASA

  Hi, guys.

  I'm working on an ASA 5510 and plan to work as a waiter webvpn. Currently I am facing a Raius permission problem.

  I can't config Raiuds AV pair in ACS server to designate the webvpn different policies for each group of users.

  Until I have it configured on the router to IOS, and it might well work.

  How can I understand this? Anyone have any ideas? ASA does not support the webvpn radius av pair? Thank you.

  Ed

  Try this link for more information

  http://www.Cisco.com/univercd/CC/TD/doc/product/multisec/asa_sw/v_70/config/WebVPN.htm#wp1067287

• SSO with WebVPN ASA using RSA tokens

  Current configuration:

  Chip & PIN the user authenticates for-> ASA5510 8.2 Clientless VPN-> past to the 7.2 SDI RSA Authentication Manager.

  I've got of authentication works great, at the first connection, users can connect with their AD usernames and RSA tokens and generate his pin code.

  We used to use ACS express and their advertising information for vpn authentication, but now we have to two factors of authentication.

  Is it possible to some how to maintain SSO so that when the user authenticates via its RSA token they can always browse through OWA, Sharepoint, CIFS (file share) without having to enter their credentials for the AD?

  Any help or information is much appreciated.

  Thank you

  You can activate the field "internal password" on the customization of WebVPN and also re-name-the ("Password AD" for example) and then configure the entries in the auto-code of access for internal URLS on NTLM.  Such that when the guest servers the WebVPN session will send the user name used to connect to the ASA but send the internal password captured during the connection instead of the password used to connect to the WebVPN himself.

  The only problem I saw during the test, there is no seam to be a graceful way to establishing a password incorrect or missing, then NTLM would fail and fall back basic over ssl.   Finally it would block the AD accounts based on URL how much the user has tried when the password entered when the connection is bad or missing (because it failed to connect to the WebVPN).

• Required View VMware VDI PPT

  Hi all

  I'm new to this community of view particular vmware.

  I have to present a presentation on VMware View VDI in my organization, everyone helped me with the good ppt, who understand the demands of vmware view, benefits, need for infrastructure, etc. all..,.

  Concerning

  Riadh Gunnal

  http://rajugunnal.blogspot.com

  I got an error when sending your e-mail to the community. Please send me another email address (ppt size is 10 M)

• Truncate logs in vmware vdi

  Hi, we use vmware view 3.0 for desktop virtualization. We put the data user disk size to 128 MB.   everything worked very well today, we are faced with a problem, it's this vdm newspaper create the user profile. to the document and setting \all user\application Application Data VMware \vdm\logs.

  every now and then on their vdi low disk space error user.  and when we go to this place of \vdm\logs then we had newspapers of the day a lot of size 10 MB notapad file.then must manually remove the logs...

  y at - there any option or featuire through which we can truncate thease newspapers so that they cannot be more then 10 MB or more.

  The maximum size per file, you will need to set a maximum number of debug files too (default is 10).

• See imprint SHA of the certificate self-signed client webvpn ASA?

  When connecting to an ASA with certificate self-signed, using Cisco AnyConnect Secure Mobility Client 3.1 (10010), the AnyConnect client presents the big red warning box, which is good.  The user must turn off "Block for unknown servers connections" in the preferences in order to complete the connection.

  Is it possible for the user to view the fingerprint SHA1/SHA3 cert self-signed, before disabling the safety block?  I could have sworn that older versions of the AnyConnect client allow the user view the certificate details and fingerprints before choosing to accept and connect.

  You can't make AnyConnect 3.x or 4.x as far as I know. Even a set of Diagnostics and Reporting Tool (DART) does not include this information.

  It is quite easy to inspect although if you simply browse to the ASA to almost any browser interface. From there, you can review the site certificate (ASA), including the footprint of the RSA public key.

• ASA mismanaged webvpn cascading connections

  I'm trying to get a webvpn configuration to run with two ASAs which are cascading. Each ASA requires the user to connect to the webvpn. Practically, this means that you connect to the ASA to first, which, from the successful connection, should divert automatically you to the login screen the ASA webvpn cascade with a command of 'value https://homepage.

  It does not work correctly because the first ASA never presents you with the webvpn ASA connection second, but instead you will see the login of the ASA first again. I suspect that this might have something to do with cookies or the way ASAs calculate the special URL that they present the user's browser...?

  Furthermore, no matter what other web HTTPS service works properly when they are referenced as a home page, it won't work with a second ASA. In addition, connecting directly to the ASA second works without problem.

  Someone has any idea how to solve this problem?

  Thank you

  Toni

  Hi Toni,

  This is not a scenario supported (without customer through without customer)

  Kind regards

  Rami

• VDI Sysprep / activate Windows

  Hello

  I have a model in VMware VDI and use it to deploy virtual desktops using vWorkspace.  One of the questions I have is that sysprep appears to be removing the acticvation of Windows so after awhile user reports that windows activation beeds.  I have difficulty fast I've converted into a model of a virtual machine, activated windows and redeploy the virtual desktops.  A solution was to use a KMS and manage it in this way, but I would be very interested to know if anyone has this problem and if so what are the measures that you have taken,

  Thank you, John

  Hi John,.

  I always tell clients that they need to use a KMS server, when using instant preparation.  I'm not sure that there is another way.

  Concerning

  Paul

• WebVPN file download problem

  Hello world

  I have an ASA5520 with active WebVPN ASA 8.21 is software version.  I have users of webVPN login and need to download files from a cifs share.  Users successfully connect and gain access to the share.  However, it seems that when a file is greater than 2 GB, the download does not complete.  The download stops each time than 2GB.  If I log on locally and ride sharing, I can successfully download the entire file over 2GBs.    Is there a download through the WebVPN file limit?  Any other ideas of what could be the cause?

  Thank you

  Scott

  There are a few legacy group policy controls that allow you to restrict download, view, and download files.  What I read, I do not believe that these commands are hooked into the burner without ASA 8.x client.  I have this model in my lab to see if it really affects the max download file size.

  attributes of Group Policy WebVPNGroupPolicy
  Protocol-tunnel-VPN l2tp ipsec webvpn
  WebVPN
  size of download-max 3000000

  size of download-max 3000000

  mini-Max-size 3000000

• SSO with VDI

  Hello

  I have a question.

  I want to implement my VMware VDI architecture. I'm in Vsphere 5.0. So, I want to migrate to 5.5.

  Regarding the role of the SSO, it is recommended to separate the SSO role in another machine? Or I can implement this role in the same machine on my server for vSphere? What are the advantages and disadvantages?

  Thank you

  Richie

  Recommendation from VMware must deploy all components (SSO, web client inventory service, vCenter) in the same machine. This removes the complexity in architecture and environmental management. Order this blog post when to centralize vCenter Single Sign-On Server 5.5 | VMware vSphere Blog - VMware Blogs

• Connection to the Server VMware View - 404 error

  I was getting alarms in vCenter for CPU usage on my view connection server, I discovered was caused by the mysqld service 100% of the CPU usage. I restarted the server, and when she came back to the top, the https://server/admin page gave me a 404 error. After going through the papers, I found it (I think) caused by this:

  2013-08 - 06T 18: FATAL 00:08.403Z (0CF0-0DB4) < Thread-1 > [ICE] ice beginning com.vmware.vdi.ice.server.Ice.startServer(SourceFile:1167) exception java.net.BindException: address already in use: JVM_BIND to...

  and a bunch of java lines after that, but I'm sure that the relevant part is above. After some research, the only good head that I could find was to disable the IIS service, if it is installed, or configure it to use a different port. The service is not installed.

  So I did a netstat - anub | FIND/n '443'. The PID for the service that is listening on the port is 4, which corresponds to the function of the SYSTEM. I don't know how to change it. So I'm stuck.

  Ideas?

  IIS has not been installed. I did a last shot of station and just sort processes by use of memory and kill them until the 404 went. Ended up be the MS SQL Reporting Services. So I disabled the service and the view Web Admin page returned to the top after a reboot.

• VMware View network configuration

  Hello

  What is the best practice for setting of networking for VMware VDI with an EMC SAN deployment? About going to expand to 200-250 machines VDI.

  Should I have 3 VLAN:

  1 - network management

  2 - VMotion

  3 - traffic (VDI) virtual machine

  or can I setup it up like

  1 - management / vMotion

  2 - traffic Virtual Machine

  Thank you!

  If you speak only of VLAN that yes the three should be on the VLANS separated.