Cisco ASA 5505 User Manual

74-54

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Application Access

Step 5

smart-tunnel list

entering the same list string but specifying the unique
application string and path value in each command

OR

smart-tunnel list

entering the same list string but specifying the unique
application string and a unique hash value

Enter once for each path to authorize an application
for smart tunnel access when it is present on one of
several paths on the remote host.

Note

A sudden problem with smart tunnel access
may be an indication that a Process Name
value is not up-to-date with an application
upgrade. For example, the default path to an
application sometimes changes following
the acquisition of the company that produces
the application and the next application
upgrade.

Enter once for each version when multiple versions
of an application exist. Entering a hash provides a
reasonable assurances that SSL VPN does not
qualify an illegitimate file that matches the string
you specified in the path.

Note

You must maintain the smart tunnel list in
the future if you enter hash values and you
want to support future versions or patches of
an application with smart tunnel access. A
sudden problem with smart tunnel access
may be an indication that the application list
containing hash values is not up-to-date with
an application upgrade. You can avoid this
problem by not entering a hash.

Command

Purpose