Enabling and disabling smart tunnel access – Cisco ASA 5505 User Manual

74-62

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Application Access

Requirements

For Mac OS X, you must click the link for the application in the portal’s Application Access panel, with
or without auto-start configured.

Detailed Steps

Enabling and Disabling Smart Tunnel Access

By default, smart tunnels are disabled.

Detailed Steps

Command

Purpose

Step 1

webvpn

Switches to webvpn configuration mode.

Step 2

group-policy webvpn

OR

username webvpn

Switches to group-policy webvpn configuration
mode.

Switches to username webvpn configuration mode.

Step 3

smart-tunnel auto-start list

Example:

hostname(config-group-policy)# webvpn

hostname(config-group-webvpn)# smart-tunnel

auto-start apps1

Starts smart tunnel access automatically upon user
login. list is the name of the smart tunnel list already
present.

Assigns the smart tunnel list named apps1 to the
group policy.

Step 4

show running-config webvpn

Views the smart tunnel list entries in the SSL VPN
configuration.

Step 5

(Optional)

no smart-tunnel

Removes the smart-tunnel command from the group
policy or username and reverts to the default.

Command

Purpose

Step 1

webvpn

Switches to webvpn configuration mode.

Step 2

group-policy webvpn

OR

username webvpn

Switches to group-policy webvpn configuration
mode.

Switches to username webvpn configuration mode.

Step 3

smart-tunnel [enable list | disable]

Example:

hostname(config-group-policy)# webvpn

hostname(config-group-webvpn)# smart-tunnel enable

apps1

Enables smart tunnel access. list is the name of the
smart tunnel list already present. You do not have to
start smart tunnel access manually if you entered
smart-tunnel auto-start list from the previous
table.

Assigns the smart tunnel list named apps1 to the
group policy.