IO540,

SSL VPN products use java/active-x tools in order to enforce endpoint security.

That is, requirements that sysadmin specifies prior to allowing access to resources (e.g. anti-virus software present etc.).

Surely you've read the manual for your aventail box ? The above is a basic operating concept.

The obvious work-around to your problem is to configure your normal packet-filter / proxy firewall to allow the RDP port. Ensuring of course that you take appropriate security precautions, as RDP exposed directly to the outside world is not recommended (and there is a virus doing the rounds at the moment that exploits this fact, even if it does somewhat rely on dictionary attacks).

Second option might be to switch vendors and get a Juniper box instead (see YouTube demos of Junos Pulse etc).