Using e-mail over clientless ssl vpn, Configuring e-mail proxies – Cisco ASA 5505 User Manual
Page 1665
74-79
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 74 Configuring Clientless SSL VPN
Using E-Mail over Clientless SSL VPN
Using E-Mail over Clientless SSL VPN
Clientless SSL VPN supports several ways to access e-mail. This section includes the following
methods:
•
•
Configuring Web E-mail: MS Outlook Web App
Configuring E-mail Proxies
Clientless SSL VPN supports IMAP4S, POP3S, and SMTPS e-mail proxies. The following attributes
apply globally to e-mail proxy users.
Restrictions
E-mail clients such as MS Outlook, MS Outlook Express, and Eudora lack the ability to access the
certificate store.
Detailed Steps
Command
Purpose
Step 1
accounting-server-group
Specifies the previously configured accounting
servers to use with e-mail proxy.
Step 2
authentication
Specifies the authentication method(s) for e-mail
proxy users. The default values are as follows:
•
IMAP4S: Mailhost (required)
•
POP3S Mailhost (required)
•
SMTPS: AAA
Step 3
authentication-server-group
Specifies the previously configured authentication
servers to use with e-mail proxy. The default is
LOCAL.
Step 4
authorization-server-group
Specifies the previously configured authorization
servers to use with clientless SSL VPN.
Step 5
authorization-required
Requires users to authorize successfully to connect.
The default is Disabled.
Step 6
authorization-dn-attributes
Identifies the DN of the peer certificate to use as a
username for authorization. The defaults are as
follows:
•
Primary attribute: CN
•
Secondary attribute: OU
Step 7
default-group-policy
Specifies the name of the group policy to use. The
default is DfltGrpPolicy.
Step 8
enable
Enables e-mail proxy on the specified interface. The
default is disabled.