Cifs file access requirement and limitation, Adding support for file access – Cisco ASA 5505 User Manual

Page 1661

Advertising
background image

74-75

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring File Access

The ASA uses a master browser, WINS server, or DNS server, typically on the same network as the ASA
or reachable from that network, to query the network for a list of servers when the remote user clicks
Browse Networks in the menu of the portal page or on the toolbar displayed during the clientless SSL
VPN session.

The master browser or DNS server provides the CIFS/FTP client on the ASA with a list of the resources
on the network, which clientless SSL VPN serves to the remote user.

Note

Before configuring file access, you must configure the shares on the servers for user access.

CIFS File Access Requirement and Limitation

To access

\\server\share\subfolder\personal

folder

, the user must have list permission for all

points above

personal

folder

.

Clientless SSL VPN does not support the Copy and Paste buttons displayed on the CIFS browser. Users
must click Download to copy files from CIFS directories to the local desktop.

The CIFS browse server feature does not support double-byte character share names (share names
exceeding 13 characters in length). This only affects the list of folders displayed, and does not affect user
access to the folder. As a workaround, you can pre-configure the bookmark(s) for the CIFS folder(s) that
use double-byte share names, or the user can enter the URL or bookmark of the folder in the format
cifs://server/<long-folder-name> . For example:

cifs://server/Do you remember?

cifs://server/Do%20you%20remember%3F

Adding Support for File Access

Configure file access as follows:

Note

The first procedure describes how to specify the master browser and WINS servers. As an alternative,
you can use ASDM to configure URL lists and entries that provide access to file shares.

Adding a share in ASDM does not require a master browser or a WINS server. However, it does not
provide support for the Browse Networks link. You can use a hostname or an IP address to refer to
ServerA when entering this command. If you use a hostname, the ASA requires a DNS server to resolve
it to an IP address.

Detailed Steps

Command

Purpose

Step 1

webvpn

Switches to webvpn configuration mode.

Step 2

tunnel-group webvpn

Switches to tunnel-group webvpn configuration
mode.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals