Cisco FirePOWER ASA 5500 series Configuration Manual page 613
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 30
Configuring Tunnel Groups, Group Policies, and Users
•
•
•
•
•
•
•
•
•
In many instances, you define the WebVPN attributes as part of configuring WebVPN, then you apply
those definitions to specific groups when you configure the group-policy webvpn attributes. Enter
group-policy webvpn configuration mode by using the webvpn command in group-policy configuration
mode. WebVPN commands for group policies define access to files, MAPI proxy, URLs and TCP
applications over WebVPN. They also identify ACLs and types of traffic to filter. WebVPN is disabled
by default. See the description of WebVPN in Cisco Security Appliance Command Line Configuration
Guide and Cisco Security Appliance Command Reference for more information about configuring the
WebVPN attributes.
To remove all commands entered in group-policy webvpn configuration mode, enter the no form of this
command. These webvpn commands apply to the username or group policy from which you configure
them.
hostname(config-group-policy)# webvpn
hostname(config-group-policy)# no webvpn
You do not need to configure WebVPN to use e-mail proxies.
The following example shows how to enter group-policy webvpn configuration mode for the group
policy named FirstGroup:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)#
Configuring Group-Policy WebVPN Function Attributes
Configure the WebVPN functions that you want to enable. To configure file access and file browsing,
HTTP Proxy, MAPI Proxy, and URL entry over WebVPN for this group policy, enter the functions
command in webvpn mode. These functions are disabled by default.
hostname(config-group-webvpn)# functions {auto-download | citrix | file-access |
file-browsing | file-entry | filter | http-proxy | mapi | none | port-forward | url-entry}
To remove a configured function, enter the no form of this command. The no option allows inheritance
of a value from another group policy. To prevent inheriting function values, enter the functions none
command.
To remove all configured functions, including a null value created by issuing the functions none
command, enter the no form of this command without arguments.
hostname(config-group-webvpn)# no functions [auto-download | citrix | file-access |
file-browsing | file-entry | filter | http-proxy | mapi | none | port-forward | url-entry]
Table 30-3
OL-10088-01
url-list
port-forward
port-forward-name
sso server (single-signon server)
auto-signon
deny message
SSL VPN Client (SVC)
keep-alive ignore
HTTP compression
describes the meaning of the keywords used in this command.
Cisco Security Appliance Command Line Configuration Guide
Group Policies
30-59
Advertisement
Table of Contents
Troubleshooting
