Cisco ASA 5505 Configuration Manual page 1469

Asa 5500 series

Chapter 67
Clientless SSL VPN
For More Information
Customizing the Clientless SSL VPN User Experience
ACLs
You can configure ACLs (access control lists) to apply to user sessions. These are filters that permit or
deny user access to specific networks, subnets, hosts, and web servers.
This pane lets you add and edit ACLs to be used for clientless SSL VPN sessions, and the ACL entries
each ACL contains. It also displays summary information about ACLs and ACEs, and lets you enable or
disable them, and change their priority order.
If you do not define any filters, all connections are permitted.
The adaptive security appliance supports only an inbound ACL on an interface.
At the end of each ACL, there is an implicit, unwritten rule that denies all traffic that is not
permitted. If traffic is not explicitly permitted by an ACE (access control entry), the adaptive
security appliance denies it. ACEs are referred to as rules in this topic.
Fields
Add ACL—Click to add an ACL or ACE. To insert a new ACE before or after an existing ACE, click
Insert or Insert After.
Edit—Click to edit the highlighted ACE. When you delete an ACL, you also delete all of its ACEs.
There is no warning or undelete.
Delete—Click to delete the highlighted ACL or ACE. When you delete an ACL, you also delete all
of its ACEs. There is no warning or undelete.
Move UP/Move Down—Highlight an ACL or ACE and click these buttons to change the order of
ACLs and ACEs. The adaptive security appliance checks ACLs to be applied to clientless SSL VPN
sessions and their ACEs in the sequence determined by their position in the ACLs list until it finds
a match.
+/-—Click to expand (+) or collapse (-) to view or hide the list of ACEs under each ACL.
No—Displays the priority of the ACEs under each ACL. The order in the list determines priority.
Enabled—Shows whether the ACE is enabled. When you create an ACE, by default it is enabled.
Clear the check box to disable an ACE.
Address—Displays the IP address or URL of the application or service to which the ACE applies.
Service—Displays the TCP service to which the ACE applies.
Action—Displays whether the ACE permits or denies clientless SSL VPN access.
Time—Displays the time range associated with the ACE.
Logging (Interval)—Displays the configured logging behavior, either disabled or with a specified
level and time interval.
Modes
The following table shows the modes in which this feature is available:
OL-20339-01
Cisco ASA 5500 Series Configuration Guide using ASDM
ACLs
67-5
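The evaluation rules described in the ACLs section above (no filter means permit all, ACEs checked in list order until the first match, implicit deny at the end), modelled in Python as an added example that is not Cisco code and not part of the original manual. It assumes URL-type ACEs only, "*" as the only wildcard, that a disabled ACE is skipped, and constructed placeholder host names; shadowed() flags ACEs that an earlier entry already covers, the usual reason a deny exception never takes effect.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import List, Optional

@dataclass
class Ace:
    action: str           # "permit" or "deny" (the Action column)
    address: str          # URL pattern (the Address column); only "*" is modelled
    enabled: bool = True  # the Enabled check box

def evaluate(acl: Optional[List[Ace]], url: str) -> str:
    """Decide one request: walk the ACEs in list order, first match wins."""
    if acl is None:
        return "permit"   # no filter defined: all connections are permitted
    for ace in acl:
        if ace.enabled and fnmatchcase(url, ace.address):  # assumption: disabled = skipped
            return ace.action
    return "deny"         # implicit rule at the end of every ACL

def shadowed(acl: List[Ace]) -> List[int]:
    """1-based positions of enabled ACEs fully covered by an earlier enabled ACE,
    so they can never decide a request in the current order."""
    hits = []
    for i, later in enumerate(acl):
        if later.enabled and any(
            e.enabled and fnmatchcase(later.address, e.address) for e in acl[:i]
        ):
            hits.append(i + 1)
    return hits

def move_up(acl: List[Ace], pos: int) -> List[Ace]:
    """Return a copy with the ACE at 1-based position pos moved up one place."""
    out = list(acl)
    out[pos - 2], out[pos - 1] = out[pos - 1], out[pos - 2]
    return out

# Constructed sample ACL; host names are placeholders.
SAMPLE = [
    Ace("permit", "https://*.corp.example/*"),
    Ace("deny", "https://hr.corp.example/payroll/*"),  # intended exception
    Ace("permit", "https://legacy.corp.example/*", enabled=False),
]

if __name__ == "__main__":
    url = "https://hr.corp.example/payroll/2024"
    print(evaluate(SAMPLE, url), shadowed(SAMPLE))
    fixed = move_up(SAMPLE, 2)
    print(evaluate(fixed, url), shadowed(fixed))
```

In the sample order the broad permit at position 1 decides the payroll request before the deny is reached; moving the deny up one place restores the intended exception.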
