Cisco ASA 5505 User Manual

74-33

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Group Policy and User Attributes for Clientless SSL VPN

Configuring Group Policy and User Attributes for Clientless SSL
VPN

Table 74-3

provides a list of group policy and user attributes for clientless SSL VPN. For step-by-step

instructions on configuring group policy and user attributes, see

“Configuring Group Policies”

and

“Configuring Attributes for Specific Users”

or in

Chapter 67, “Configuring Connection Profiles, Group

Policies, and Users.”

.

dns-group

Identifies the DNS server group that specifies the DNS server name, domain
name, name server, number of retries, and timeout values .

hic-fail-group-poli

cy

Specifies a VPN feature policy if you use the Cisco Secure Desktop Manager
to set the Group-Based Policy attribute to “Use Failure Group-Policy” or “Use
Success Group-Policy, if criteria match.”

override-svc-downlo

ad

Overrides downloading the group-policy or username attributes configured for
downloading the AnyConnect VPN client to the remote user.

radius-reject-messa

ge

Enables the display of the RADIUS reject message on the login screen when
authentication is rejected.

Table 74-2

Connection Profile Attributes for Clientless SSL VPN

Command

Function

Table 74-3

Group Policy and User Attributes for Clientless SSL VPN

Command

Function

activex-relay

Lets a user who has established a clientless SSL VPN session use the browser
to launch Microsoft Office applications. The applications use the session to
download and upload Microsoft Office documents. The ActiveX relay remains
in force until the clientless SSL VPN session closes.

auto-signon

Sets values for auto signon, which requires only that the user enter username
and password credentials only once for a clientless SSL VPN connection.

customization

Assigns a customization object to a group-policy or user.

deny-message

Specifies the message delivered to a remote user who logs into clientless SSL
VPN successfully, but has no VPN privileges.

file-browsing

Enables CIFS file browsing for file servers and shares. Browsing requires
NBNS (Master Browser or WINS).

file-entry

Allows users to enter file server names to access.

filter

Sets the name of the webtype access list.

hidden-shares

Controls the visibility of hidden shares for CIFS files.

homepage

Sets the URL of the web page that displays upon login.

html-content-filter

Configures the content and objects to filter from the HTML for this group
policy.

http-comp

Configures compression.