Understanding VPN Access Policies
To limit Internet access for users, choose Disable for the URL Entry field. This prevents SSL VPN users from surfing the web during a clientless VPN connection.
– Unchanged—(default) Click to use values from the group policy that applies to this session.
– Enable/Disable—Click to enable or disable the feature.
– Auto-start—Click to enable HTTP proxy and to have the DAP record automatically start the applets associated with these features.
• Port Forwarding Lists Tab—Lets you select and configure port forwarding lists for user sessions.
Port Forwarding provides access for remote users in the group to client/server applications that communicate over known, fixed TCP/IP ports. Remote users can use client applications that are installed on their local PC and securely access a remote server that supports that application. Cisco has tested the following applications: Windows Terminal Services, Telnet, Secure FTP (FTP over SSH), Perforce, Outlook Express, and Lotus Notes. Other TCP-based applications may also work, but Cisco has not tested them.
Note: Port Forwarding does not work with some SSL/TLS versions.
Caution: Make sure Sun Microsystems Java Runtime Environment (JRE) 1.4+ is installed on the remote computers to support port forwarding (application access) and digital certificates.
– Port Forwarding—Select an option for the port forwarding lists that apply to this DAP record. The other attributes in this field are enabled only when you set Port Forwarding to Enable or Auto-start.
– Unchanged—Click to remove the attributes from the running configuration.
– Enable/Disable—Click to enable or disable port forwarding.
– Auto-start—Click to enable port forwarding, and to have the DAP record automatically start the port forwarding applets associated with its port forwarding lists.
– Port Forwarding List drop-down list—Select already configured port forwarding lists to add to the DAP record.
– New...—Click to configure new port forwarding lists.
– Port Forwarding Lists (unlabeled)—Displays the port forwarding lists for the DAP record.
– Add—Click to add the selected port forwarding list from the drop-down list to the Port Forwarding list on the right.
– Delete—Click to delete selected port forwarding list from the Port Forwarding list. You cannot delete a port forwarding list from the adaptive security appliance unless you first delete it from DAP records.
• Bookmarks—Lets you select and configure bookmarks for certain user session URLs.
– Enable bookmarks—Click to enable. When unchecked, no bookmarks display in the portal page for the connection.
– Bookmark drop-down list—Select already configured bookmarks to add to the DAP record.
– Manage...—Click to add, import, export, and delete bookmarks.
– Bookmarks (unlabeled)—Displays the URL lists for the DAP record.
– Add—Click to add the selected bookmark from the drop-down list to the URL area on the right.
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 65
Configuring Dynamic Access Policies
OL-20339-01