Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 37 Configuring WebVPN
Step 2 Install an SSL certificate on the security appliance interface to which remote users connect
using a fully qualified domain name (FQDN).
Note Do not specify an IP address as the common name (CN) for the SSL certificate. The remote user
attempts to use the FQDN to communicate with the security appliance. The remote PC must be
able to use DNS or an entry in the System32\drivers\etc\hosts file to resolve the FQDN.
Step 3 Use the functions citrix command once for each group policy or user for which you want to enable
Citrix support.
The following example shows how to configure Citrix for a group policy named FirstGroup:
hostname(config)# group-policy FirstGroup internal
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)# functions citrix
hostname(config-group-webvpn)#
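The check below is an added example, not part of the Cisco guide. It tests a proposed certificate CN against the Step 2 note (an FQDN, not an IP address) and against a copy of a remote PC's hosts file. The function names, vpn.example.com and the 192.0.2.x addresses are constructed for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def parse_hosts(text):
    """Map each lowercase host name in hosts-file text to its address."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed line: first field is not an address
        for name in fields[1:]:
            table.setdefault(name.lower().rstrip("."), fields[0])
    return table


def check_cn(cn, hosts_text=""):
    """Return a list of findings about using `cn` as the certificate CN."""
    name = cn.strip().rstrip(".")
    try:
        ipaddress.ip_address(name)
        return ["CN is an IP address; use the FQDN that remote users connect to"]
    except ValueError:
        pass
    findings = []
    labels = name.split(".")
    if len(labels) < 2 or not all(_LABEL.match(label) for label in labels):
        findings.append("CN is not a fully qualified domain name")
    if name.lower() not in parse_hosts(hosts_text):
        findings.append("no hosts entry for CN; the client must resolve it through DNS")
    return findings


# Constructed sample: hosts file content from a remote PC (documentation addresses).
SAMPLE_HOSTS = """\
127.0.0.1      localhost
192.0.2.10     vpn.example.com  vpn   # security appliance outside interface
"""

if __name__ == "__main__":
    for cn in ("vpn.example.com", "192.0.2.10", "vpn", "gw.example.com"):
        print(cn, "->", check_cn(cn, SAMPLE_HOSTS) or "OK")
```

An empty list means the CN is an FQDN that the sample hosts file resolves; a missing hosts entry is reported separately because DNS may still resolve the name.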
Using WebVPN with PDAs
You can access WebVPN from your Pocket PC or other certified personal digital assistant device.
Neither the security appliance administrator nor the WebVPN user need do anything special to use
WebVPN with a certified PDA.
Cisco has certified the following PDA platform:
HP iPaq H4150
Pocket PC 2003
Windows CE 4.20.0, build 14053
Pocket Internet Explorer (PIE)
ROM version 1.10.03ENG
ROM Date: 7/16/2004
Some differences in the PDA version of WebVPN exist:
• A banner web page replaces the popup WebVPN window.
• An icon bar replaces the standard WebVPN floating toolbar. This bar displays the Go, Home and
Logout buttons.
• The Show Toolbar icon is not included on the main WebVPN portal page.
• Upon WebVPN logout, a warning message provides instructions for closing the PIE browser
properly. If you do not follow these instructions and you close the browser window in the common
way, PIE does not disconnect from WebVPN or any secure website that uses HTTPS.
• WebVPN supports OWA 2000 and OWA 2003 Basic Authentication. If Basic Authentication is not
configured on an OWA server and a WebVPN user attempts to access that server, access is denied.
• Unsupported WebVPN features:
  – Application Access (port forwarding) and other Java-dependent features
  – MAPI proxy
  – HTTP proxy
  – Cisco Secure Desktop (CSD does provide limited support for Microsoft Windows CE)