Cisco ASA Series Cli Configuration Manual page 1886

Using E-Mail over Clientless SSL VPN
Configuring E-mail Proxies
Clientless SSL VPN supports IMAP4S, POP3S, and SMTPS e-mail proxies. The following attributes
apply globally to e-mail proxy users.
Restrictions
E-mail clients such as MS Outlook, MS Outlook Express, and Eudora lack the ability to access the
certificate store.
Detailed Steps
Command
Step 1
accounting-server-group
Step 2
authentication
Step 3
authentication-server-group
Step 4
authorization-server-group
Step 5
authorization-required
Step 6
authorization-dn-attributes
Step 7
default-group-policy
Step 8
enable
Step 9
name-separator
Step 10
outstanding
Cisco ASA Series CLI Configuration Guide
1-78
Chapter 1 Configuring Clientless SSL VPN
Purpose
Specifies the previously configured accounting
servers to use with e-mail proxy.
Specifies the authentication method(s) for e-mail
proxy users. The default values are as follows:
•
IMAP4S: Mailhost (required)
•
POP3S Mailhost (required)
•
SMTPS: AAA
Specifies the previously configured authentication
servers to use with e-mail proxy. The default is
LOCAL.
Specifies the previously configured authorization
servers to use with clientless SSL VPN.
Requires users to authorize successfully to connect.
The default is Disabled.
Identifies the DN of the peer certificate to use as a
username for authorization. The defaults are as
follows:
•
Primary attribute: CN
•
Secondary attribute: OU
Specifies the name of the group policy to use. The
default is DfltGrpPolicy.
Enables e-mail proxy on the specified interface. The
default is disabled.
Defines the separator between the e-mail and VPN
usernames and passwords. The default is colon (:).
Configures the maximum number of outstanding
non-authenticated sessions. The default is 20.