ASA WebVPN OWA SSO Login Configration Example

From DocWiki

(Difference between revisions)
Jump to: navigation, search
m
 
Line 1: Line 1:
-
{{Template:Required Metadata}}
+
{{Template:Required Metadata}}  
-
==Introduction==
+
== Introduction ==
-
<!--Describe the purpose of the example and any unique characteristics of this configuration-->
+
<!--Describe the purpose of the example and any unique characteristics of this configuration-->  
-
Here you can find the configuration of SSO Login into your OWA account!
+
Here you can find the configuration of SSO Login into your OWA account when OWA is configured to use form based authentication.
-
Reference: https://supportforums.cisco.com/message/3296206#3296206
+
Reference: https://supportforums.cisco.com/message/3296206#3296206  
-
==Design==
+
== Configuration  ==
-
<!--Describe any setup details of this configuration and include a topology-->
+
<!--Provide any steps, tips, or suggestions to setting up this configuration successfully--> All configurations are done via ASDM!
-
<!--[[Image:sample_topology.jpg]]-->
+
'''Exchange 2003:'''
-
... nothing to design here :) ...
+
-
==Configuration==
+
Configuration -&gt; Remote Access VPN -&gt; Clientless SSL VPN Access -&gt; Portal -&gt; Bookmarks -&gt; Add/Edit your Bookmarks <br>
 +
<pre>URL: https&nbsp;:// &lt;yourhost&gt;/exchweb/bin/auth/owaauth.dll
-
<!--Provide any steps, tips, or suggestions to setting up this configuration successfully-->
+
Advanced Options: Post
-
All configurations are done via ASDM!
+
-
'''Exchange 2003:'''
+
destination&nbsp;: https://&lt;yourhost&gt;/exchange/
 +
flags&nbsp;: 0
 +
username&nbsp;: &lt;yourdomain&gt;\CSCO_WEBVPN_USERNAME
 +
password&nbsp;: CSCO_WEBVPN_PASSWORD
 +
SubmitCreds&nbsp;: Login
 +
trusted&nbsp;: 0
-
Configuration -> Remote Access VPN -> Clientless SSL VPN Access -> Portal -> Bookmarks -> Add/Edit your Bookmarks <br>
 
-
URL: https :// <yourhost>/exchweb/bin/auth/owaauth.dll
 
-
Advanced Options:
+
</pre>  
-
Post
+
'''Exchange 2007:'''  
-
 
+
-
destination : https://<yourhost>/exchange/ <br>
+
-
flags : 0 <br>
+
-
username : <yourdomain>\CSCO_WEBVPN_USERNAME <br>
+
-
password : CSCO_WEBVPN_PASSWORD <br>
+
-
SubmitCreds : Login <br>
+
-
trusted : 0 <br>
+
-
 
+
-
 
+
-
 
+
-
'''Exchange 2007:'''
+
... same as Exchange 2010 ...  
... same as Exchange 2010 ...  
 +
<br>
 +
<br> '''Exchange 2010:'''
 +
Configuration -&gt; Remote Access VPN -&gt; Clientless SSL VPN Access -&gt; Portal -&gt; Bookmarks -&gt; Add/Edit your Bookmarks
 +
<pre>URL: https&nbsp;:// &lt;yourhost&gt;/owa/auth/owaauth.dll
-
'''Exchange 2010:'''
+
Advanced Options: Post
-
 
+
-
Configuration -> Remote Access VPN -> Clientless SSL VPN Access -> Portal -> Bookmarks -> Add/Edit your Bookmarks <br>
+
-
URL: https :// <yourhost>/owa/auth/owaauth.dll
+
-
 
+
-
Advanced Options:
+
-
Post
+
-
 
+
-
destination : https://<yourhost>/owa/ <br>
+
-
flags : 0 <br>
+
-
forcedownlevel : 0 <br>
+
-
trusted : 0 <br>
+
-
username : <yourdomain>\CSCO_WEBVPN_USERNAME <br>
+
-
password : CSCO_WEBVPN_PASSWORD <br>
+
-
SubmitCreds : Login <br>
+
-
isUtf8 : 1 <br>
+
-
For Exchange 2010, in addition a "before-post-script" is required with the following content:
+
destination&nbsp;: https://&lt;yourhost&gt;/owa/
-
cscoSetCookie("PBack","0","/","<yourhost>",-1,0)
+
flags&nbsp;: 0
 +
forcedownlevel&nbsp;: 0
 +
trusted&nbsp;: 0
 +
username&nbsp;: &lt;yourdomain&gt;\CSCO_WEBVPN_USERNAME
 +
password&nbsp;: CSCO_WEBVPN_PASSWORD
 +
SubmitCreds&nbsp;: Login
 +
isUtf8&nbsp;: 1 </pre>
 +
For Exchange 2010, in addition a "before-post-script" is required with the following content:  
 +
<pre>cscoSetCookie("PBack","0","/","&lt;yourhost&gt;",-1,0)</pre>
 +
<br>(note: replace &lt;yourhost&gt; with the FQDN of your server)  
-
(note: replace <yourhost> with the FQDN of your server)
+
[[Category:Security_and_VPN_Configuration_Examples]]
-
[[Category: Security and VPN Configuration Examples]]
+

Latest revision as of 08:04, 25 June 2012

Introduction

Here you can find the configuration of SSO Login into your OWA account when OWA is configured to use form based authentication.

Reference: https://supportforums.cisco.com/message/3296206#3296206

Configuration 

All configurations are done via ASDM!

Exchange 2003:

Configuration -> Remote Access VPN -> Clientless SSL VPN Access -> Portal -> Bookmarks -> Add/Edit your Bookmarks 

URL: https :// <yourhost>/exchweb/bin/auth/owaauth.dll

Advanced Options: Post

destination : https://<yourhost>/exchange/
flags : 0
username : <yourdomain>\CSCO_WEBVPN_USERNAME
password : CSCO_WEBVPN_PASSWORD
SubmitCreds : Login
trusted : 0

Exchange 2007:

... same as Exchange 2010 ...



Exchange 2010:

Configuration -> Remote Access VPN -> Clientless SSL VPN Access -> Portal -> Bookmarks -> Add/Edit your Bookmarks 

URL: https :// <yourhost>/owa/auth/owaauth.dll

Advanced Options: Post

destination : https://<yourhost>/owa/
flags : 0
forcedownlevel : 0
trusted : 0
username : <yourdomain>\CSCO_WEBVPN_USERNAME
password : CSCO_WEBVPN_PASSWORD
SubmitCreds : Login
isUtf8 : 1

For Exchange 2010, in addition a "before-post-script" is required with the following content: 

cscoSetCookie("PBack","0","/","<yourhost>",-1,0)


(note: replace <yourhost> with the FQDN of your server)

Rating: 3.4/5 (8 votes cast)

Retrieved from "http://docwiki.cisco.com/wiki/ASA_WebVPN_OWA_SSO_Login_Configration_Example"
Personal tools