Assigning a Port Forwarding List – Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Port Forwarding

Following the configuration of a port forwarding list, assign the list to group policies or usernames, as
described in the next section.

Step 7

(Optional) Highlight a port forwarding list and click Assign to assign the selected list to one or more
group policies, dynamic access policies, or user policies.

Assigning a Port Forwarding List

You can add or edit a named list of TCP applications to associate with users or group policies for access
over clientless SSL VPN connections. For each group policy and username, you can configure clientless
SSL VPN to do one of the following:

Start port forwarding access automatically upon user login.

Note

These options are mutually exclusive for each group policy and username. Use only one.

Prerequisites

Before initiating the port-forward enable list_name command, the user is required to start port
forwarding manually, using the Application Access > Start Applications button on the clientless SSL
VPN portal page.

Detailed Steps

These commands are available to each group policy and username. The configuration of each group
policy and username supports only one of these commands at a time, so when you enter one, the ASA
replaces the one present in the configuration of the group policy or username in question with the new
one, or in the case of the last command, simply removes the port-forward command from the group
policy or username configuration.

Step 1

Command: port-forward auto-start list_name
Purpose: Starts port forwarding automatically upon user login.

OR

Command: port-forward enable list_name
Purpose: Enables port forwarding upon user login.

OR

Command: port-forward disable
Purpose: Prevents port forwarding.

OR

Command: no port-forward [auto-start list_name | enable list_name | disable]
Purpose: Removes a port-forward command from the group policy or username configuration, which then inherits the [no] port-forward command from the default group-policy. The keywords following the no port-forward command are optional; however, they restrict the removal to the named port-forward command.
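The replace, remove and inherit rules above can be checked offline when auditing which policies still permit port forwarding. The following is an added example, not code from the Cisco guide. It assumes the default group policy is named DfltGrpPolicy, that the commands appear as indented lines under a webvpn line in each attributes block, and that a block may list several commands in entry order.

```python
import re

DEFAULT = ("group-policy", "DfltGrpPolicy")  # assumed default group policy name
HEADER = re.compile(r"^(group-policy|username)\s+(\S+)\s+attributes\s*$")

def apply_command(current, line):  # None = unset locally (inherits)
    tokens = line.split()
    if tokens[:2] == ["no", "port-forward"]:
        named = tuple(tokens[2:])
        # Bare "no port-forward" always removes; keywords require an exact match.
        return None if not named or named == current else current
    if tokens[:1] == ["port-forward"]:
        return tuple(tokens[1:])  # a new command replaces the one present
    return current

def parse(config):  # (kind, name) -> local port-forward setting
    settings, owner = {}, None
    for raw in config.splitlines():
        header = HEADER.match(raw)
        if header:
            owner = header.groups()
            settings.setdefault(owner, None)
        elif raw and not raw[0].isspace():
            owner = None  # any other top-level line closes the block
        elif owner:
            settings[owner] = apply_command(settings[owner], raw)
    return settings

def effective(settings):  # fill unset entries from the default group policy
    default = settings.get(DEFAULT)
    return {" ".join(k): v or default for k, v in settings.items()}

def forwarding_allowed(settings):  # names that start or enable port forwarding
    return sorted(n for n, v in effective(settings).items()
                  if v and v[0] in ("auto-start", "enable"))

SAMPLE = """! constructed sample, assumed indented layout
group-policy DfltGrpPolicy attributes
 webvpn
  port-forward disable
group-policy Sales attributes
 webvpn
  port-forward enable OldApps
  port-forward auto-start SalesApps
username alice attributes
 webvpn
  port-forward enable AdminApps
  no port-forward auto-start AdminApps
"""
```

In the sample, the removal entered for alice names auto-start while enable is configured, so nothing is removed and alice remains on the review list.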
