Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Running VPN scripts

Status
Not open for further replies.
cepacs

cepacs

Technical User
Jun 3, 2008
32
US
Is there a way to configure the ASA to run a script when users connect thru VPN? I'd like to do this without having scripts that launch from the client end because we want to make it easy for the users.
 
Sort by date Sort by votes
no, this is a security device. try setting up radius or tacacs that may fit your 'script' needs.

what sort of script are you trying to run?
 
Upvote 0 Downvote
I want to map a drive to the user's home directory on a server. I could make a VB program that they can save on their home PCs and launch after making a VPN connection, but I wish there was a way to say to them "just download and install Cisco AnyConnect" and not have to give them other things to download and more instructions.

I just wish our users only had to make a VPN connection and then have the mappings happen automatically. Some of our users are technically challenged and would have a hard time if it involved more than making the VPN connection.
 
Upvote 0 Downvote
as long as you are running active directory this is no problem. the option you are looking for is called start before logon (SBL). i'm assuming that users connect to your WebVPN portal and have the AnyConnect client automatically download to the PC's?? when you do that and configure the SBL feature an additional piece is downloaded and installed on their machines. it works really slick. follow these instructions on getting it configured:

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
There's only a few of us using the VPN. I downloaded AnyConnect from Cisco and I have given the install file to a few employees on their flash drives.

Looking at SBL, it seems that the client machine must be joined to the domain... is this the case? If so, I wouldn't want our users to be joining their home PCs to our domain.
 
Upvote 0 Downvote
if that's the case then you'll have to have them manually execute the script

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
If you don't want them to join the domain with their home pc's than why are you letting them map a drive to your server? Thats not a good idea from a security perspective.
 
Upvote 0 Downvote
It's not that I don't trust them joining their home PCs to the domain, they only have access to their home directory. The reason I don't want them joining to our domain is because I don't want to be trouble shooting problems with workers' home PCs. I don't want people saying to me, "ever since I put my home PC in the domain, it's been running slow... can you look at it for me?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
340
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
140
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
408
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
95
WhosYourDiffie
WhosYourDiffie
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
100
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top