Clientless SSL VPN with Mobile Devices


Note

Cisco announces the feature deprecation for Clientless SSL VPN effective with ASA version 9.17(1). Limited support will continue on releases prior to 9.17(1). Further guidance will be provided regarding migration options to more robust and modern solutions (for example, remote Duo Network Gateway, AnyConnect, remote browser isolation capabilities, and so on).


Use Clientless SSL VPN with Mobile Devices

You can access Clientless SSL VPN from your Pocket PC or other certified mobile device. Neither the ASA administrator nor the Clientless SSL VPN user need do anything special to use Clientless SSL VPN with a certified mobile device.

Some differences in the mobile device version of Clientless SSL VPN exist:

  • A banner Web page replaces the popup Clientless SSL VPN window.

  • An icon bar replaces the standard Clientless SSL VPN floating toolbar. This bar displays the Go, Home and Logout buttons.

  • The Show Toolbar icon is not included on the main Clientless SSL VPN portal page.

  • Upon Clientless SSL VPN logout, a warning message provides instructions for closing the PIE browser properly. If you do not follow these instructions and you close the browser window in the common way, PIE does not disconnect from Clientless SSL VPN or any secure website that uses HTTPS.

Restrictions of Clientless SSL VPN with Mobile

  • Clientless SSL VPN supports OWA 2010 Basic Authentication. If Basic Authentication is not configured on an OWA server and a Clientless SSL VPN user attempts to access that server, access is denied.

  • Unsupported Clientless SSL VPN features:

    • Application Access and other Java-dependent features.

    • HTTP proxy.

    • The Citrix Metaframe feature (if the PDA does not have the corresponding Citrix ICA client software).