Assigning A Smart Tunnel List; Automating Smart Tunnel Access - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Configuring Application Access
Assigning a Smart Tunnel List
For each group policy and username, you can configure clientless SSL VPN to do one of the following:
•
•
These options are mutually exclusive for each group policy and username. Use only one.
Note
Table 37-5
configuration of each group policy and username supports only one of these commands at a time, so
when you enter one, the security appliance replaces the one present in the configuration of the group
policy or username in question with the new one, or in the case of the last command, simply removes the
smart-tunnel command already present in the group policy or username.
Table 37-5
Command
smart-tunnel auto-start list Starts smart tunnel access automatically upon user login.
smart-tunnel enable list
smart-tunnel disable
no smart-tunnel
[auto-start list | enable list |
disable]
For details, go to the section that addresses the option you want to use.
Automating Smart Tunnel Access
To start smart tunnel access automatically upon user login, enter the following command in group-policy
webvpn configuration mode or username webvpn configuration mode:
smart-tunnel auto-start list
list is the name of the smart tunnel list already present in the security appliance webvpn configuration.
You cannot assign more than smart tunnel list to a group policy or username. To view the smart tunnel
list entries in the SSL VPN configuration, enter the show running-config webvpn command in
privileged EXEC mode.
To remove the smart-tunnel command from the group policy or username and inherit the [no]
smart-tunnel command from the default group-policy, use the no form of the command.
no smart-tunnel
The following commands assign the smart tunnel list named apps1 to the group policy:
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)# smart-tunnel auto-start apps1
Cisco Security Appliance Command Line Configuration Guide
37-38
Start smart tunnel access automatically upon user login.
Enable smart tunnel access upon user login, but require the user to start it manually, using the
Application Access > Start Smart Tunnels button on the clientless SSL VPN Portal Page.
lists the smart tunnel commands available to each group policy and username. The
group-policy and username webvpn Smart Tunnel Commands
Description
Enables smart tunnel access upon user login, but requires the user to
start smart tunnel access manually, using the Application Access >
Start Smart Tunnels button on the clientless SSL VPN portal page.
Prevents smart tunnel access.
Removes a smart-tunnel command from the group policy or username
configuration, which then inherits the [no] smart-tunnel command
from the default group-policy. The keywords following the no
smart-tunnel command are optional, however, they restrict the removal
to the named smart-tunnel command.
Chapter 37
Configuring Clientless SSL VPN
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
