Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Port Forwarding

Adding Applications to Be Eligible for Port Forwarding

The clientless SSL VPN configuration of each ASA supports port forwarding lists, each of which
specifies local and remote ports used by the applications for which you want to provide access. Because
each group policy or username supports only one port forwarding list, you must group each set of
applications to be supported into a list. To display the port forwarding list entries already present in the
ASA configuration, enter the following commands:

Detailed Steps

Step 1
Command: dns server-group
Example:
    hostname(config)# dns server-group example.com
    hostname(config-dns-server-group)# domain-name example.com
    hostname(config-dns-server-group)# name-server 192.168.10.10
Purpose: Enters the dns server-group mode. Configures a DNS server group named example.com.

Step 2
Command: domain-name
Purpose: Specifies the domain name. The default setting of domain-name is DefaultDNS.

Step 3
Command: name-server
Purpose: Resolves the domain name to an IP address.

Step 4
Command: webvpn
Purpose: Switches to webvpn configuration mode.

Step 5
Command: tunnel-group webvpn
Purpose: Switches to tunnel-group webvpn configuration mode.

Step 6
(Required only if you are using a domain name other than the default one [DefaultDNS])
Command: dns-group
Example:
    asa2(config-dns-server-group)# exit
    asa2(config)# tunnel-group DefaultWEBVPNGroup webvpn-attributes
    asa2(config-tunnel-webvpn)# dns-group example.com
Purpose: Specifies the domain name the tunnel groups will use. By default, the security appliance assigns the DefaultWEBVPNGroup as the default tunnel group for clientless connections. Follow this instruction if the ASA uses that tunnel group to assign settings to the clientless connections. Otherwise, follow this step for each tunnel configured for clientless connections.
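The following Python check is an added example, not part of the Cisco guide: it reads a saved running configuration and reports every tunnel group whose webvpn-attributes dns-group (Step 6) names a dns server-group that is missing or has no name-server (Steps 1 to 3). The sample configuration is constructed, the function names are hypothetical, and the parser assumes sub-commands are indented under their parent command as in ASA show run output.

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
dns server-group DefaultDNS
dns server-group example.com
 domain-name example.com
 name-server 192.168.10.10
tunnel-group DefaultWEBVPNGroup webvpn-attributes
 dns-group example.com
tunnel-group Partners webvpn-attributes
 dns-group partners.example
tunnel-group Legacy webvpn-attributes
 dns-group DefaultDNS
"""

HEADER = re.compile(r"(dns server-group|tunnel-group) (\S+)( webvpn-attributes)?$")

def parse_blocks(config):
    """Return ({dns group: [name servers]}, {tunnel group: dns-group or None})."""
    dns_groups, tunnel_dns, kind, name = {}, {}, None, None
    for line in filter(str.strip, config.splitlines()):  # skip blank lines
        words = line.split()
        if not line.startswith(" "):  # a top-level command opens a new block
            m = HEADER.match(line)
            kind, name = (m.group(1), m.group(2)) if m else (None, None)
            if kind == "dns server-group":
                dns_groups.setdefault(name, [])
            elif kind == "tunnel-group" and m.group(3):
                tunnel_dns.setdefault(name, None)
            else:
                kind = None  # some other block; ignore its sub-commands
        elif kind == "dns server-group" and words[0] == "name-server":
            dns_groups[name].extend(words[1:])
        elif kind == "tunnel-group" and words[0] == "dns-group":
            tunnel_dns[name] = words[1]
    return dns_groups, tunnel_dns

def audit_dns_groups(config):
    """Findings for tunnel groups whose dns-group cannot resolve host names."""
    dns_groups, tunnel_dns = parse_blocks(config)
    findings = []
    # A tunnel group with no dns-group line (None) is left on the default and skipped.
    for tunnel, group in sorted(tunnel_dns.items()):
        if group is not None and group not in dns_groups:
            findings.append((tunnel, group, "dns server-group not defined"))
        elif group is not None and not dns_groups[group]:
            findings.append((tunnel, group, "no name-server configured"))
    return findings
```
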

Step 1
Command: show run webvpn port-forward
Purpose: Displays the port forwarding list entries already present in the ASA configuration.

Step 2
Command: webvpn
Purpose: Switches to webvpn configuration mode.
