VPN 3005 SSL "clientless" and VPN client performance

Discussion in 'Cisco' started by Evan Wagner, Apr 3, 2004.

  1. Evan Wagner

    Evan Wagner Guest

    Evan Wagner, Apr 3, 2004
    1. Advertisements

  2. I haven't rolled it out widely enough to detect performance problems,
    partially because implementation bugs prevented me from using anything
    more sophisticated than the basic https proxying.

    - The e-mail proxying is not suitable in our environment because we use
    one-time-password tokens and the imaps/pop3s proxies work by prepending your
    RAS password to your email password in the email client -- requiring a reauth
    with every new imap session.

    - The generic TCP forwarding only works with a specific version of the Sun JRE,
    and even that version gave Java exceptions left and right when I tried to use

    I was able to make it work for the users who needed this service by doing
    everything through the https proxy -- I set up a webmail server and a
    MindTerm ssh gateway for logins.. but its pretty hackish. Caveat sysadmin.
    Eric Sorenson, Apr 4, 2004
    1. Advertisements

  3. Evan Wagner

    Evan Wagner Guest

    Thanks for the information. We've got separate Webmail so it may work
    fine for what I have in mind. I'm trying to avoid rolling out multiple
    boxes (from different vendors) for SSL and VPN client solutions.

    Evan Wagner, Apr 6, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.