Cisco ASA Series Cli Configuration Manual page 1867
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 1
Configuring Clientless SSL VPN
Command
config-webvpn
smart-tunnel auto-signon HR use-domain ip
192.32.22.56 255.255.255.0
(Optional)
no smart-tunnel auto-signon HR use-domain ip
192.32.22.56 255.255.255.0
no smart-tunnel auto-signon HR
smart-tunnel auto-signon intranet host *.example.com
no smart-tunnel auto-signon intranet host
*.example.com
Following the configuration of the smart tunnel auto sign-on server list, you must assign it to a group
policy or a local user policy for it to become active, as described in the next section.
The next step is to add servers to the server list.
Adding Servers to a Smart Tunnel Auto Sign-on Server List
The following steps describe how to add servers to the list of servers for which to provide auto sign-on
in smart tunnel connections, and assign that list to a group policies or a local user.
Prerequisites
You must use the smart-tunnel auto-signon list command to create a list of servers first. You can assign
only one list to a group policy or username.
Restrictions
•
•
Detailed Steps
To enable smart tunnel auto sign-on in clientless (browser-based) SSL VPN sessions, use the following
commands:
Command
Step 1
webvpn
Step 2
group-policy webvpn
or
username webvpn
The smart-tunnel auto sign-on feature supports only applications communicating HTTP and HTTPS
using Internet Explorer and Firefox.
Firefox requires the administrator to specify hosts using an exact host name or IP address (instead
of a host mask with wild cards, a subnet using IP addresses, or a netmask). For example, within
Firefox, you cannot enter *.cisco.com and expect auto sign-on to host email.cisco.com.
Purpose
Switches to config-webvpn configuration mode.
Adds all hosts in the subnet and adds the Windows
domain to the username if authentication requires it.
Removes that entry from the list and the list named
HR if the entry removed is the only entry in the list.
Removes the entire list from the ASA configuration.
Adds all hosts in the domain to the smart tunnel auto
sign-on list named intranet.
Removes that entry from the list.
Purpose
Switches to webvpn configuration mode.
Switches to group-policy webvpn configuration
mode.
Switches to username webvpn configuration mode.
Cisco ASA Series CLI Configuration Guide
Configuring Application Access
1-59
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
