Automating smart tunnel access – Cisco ASA 5505 User Manual

Page 1647

Advertising

74-61

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Application Access

Automating Smart Tunnel Access

To start smart tunnel access automatically upon user login, enter the following commands:

Step 4

(Optional)

[no] smart-tunnel auto-signon enable

list

[domain

domain

] [host host name] [realm realm string] [port

port number]

Disables smart tunnel auto sign-on clientless SSL
VPN session, removes it from the group policy or
username, and uses the default.

•

list—The name of a smart tunnel auto sign-on
list already present in the ASA webvpn
configuration.

•

(Optional) domain domain—The name of the
domain to be added to the username during
authentication. If you enter a domain, enter the
use-domain keyword in the list entries.

•

host—Specifies the server by its host name or
wildcard mask. Using this option protects the
configuration from dynamic changes to IP
addresses.

•

port—Specifies which port performs auto
sign-on. For Firefox, if no port number is
specified, auto sign is performed on HTTP and
HTTPS, accessed by the default port numbers
80 and 443 respectively.

•

realm—Configures a realm for the
authentication. Realm is associated with the
protected area of the website and is passed back
to the browser either in the authentication
prompt or in the HTTP headers during
authentication. Once auto-sign is configured
and a realm string is specified, users can
configure the realm string on a web application
(such as Outlook Web Access) and access web
applications without signing on.

Step 5

show running-config webvpn smart-tunnel

Views the smart tunnel auto sign-on list entries in
the SSL VPN configuration.

Step 6

smart-tunnel auto-signon enable HR

Enables the smart tunnel auto sign-on list named
HR.

Step 7

smart-tunnel auto-signon enable HR domain CISCO

Enables the smart tunnel auto sign-on list named HR
and adds the domain named CISCO to the username
during authentication.

Step 8

(Optional)

no smart-tunnel auto-signon enable HR

Removes the smart tunnel auto sign-on list named
HR from the group policy and inherits the smart
tunnel auto sign-on list command from the default
group policy.

Command

Purpose

Advertising

This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands

Popular manuals