1-51
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Configuring Application Access
Clearing Cached Kerberos Tickets
To clear all Kerberos ticket information on the ASA, follow these commands:
Note
Restriction
When creating a bookmark to an application that uses Kerberos constrained delegation (KCD), do not
check Enable Smart Tunnel.
Detailed Steps
Configuring Application Access
The following sections describe how to enable smart tunnel access and port forwarding on clientless SSL
VPN sessions, specify the applications to be provided with such access, and provide notes on using it:
• Configuring Smart Tunnel Log OffConfiguring Smart Tunnel Access
Configuring Smart Tunnel Log Off
Configuring Smart Tunnel Access
To configure smart tunnel access, you create a smart tunnel list containing one or more applications
eligible for smart tunnel access, and the endpoint operating system associated with the list. Because each
group policy or local user policy supports one smart tunnel list, you must group the nonbrowser-based
applications to be supported into a smart tunnel list. After creating a list, you assign it to one or more
group policies or local user policies.
The following sections describe smart tunnels and how to configure them:
• About Smart Tunnels
• Why Smart Tunnels?
• Adding Applications to Be Eligible for Smart Tunnel Access
• Adding Applications to Be Eligible for Smart Tunnel Access
• About Smart Tunnel Lists
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
clear aaa kerberos tickets
Clears all Kerberos ticket information on the ASA.
Step 3
clear aaa kerberos tickets [username user | host ip
| hostname]
• user—Used to clear the Kerberos tickets of a specific
user
• hostname—Used to clear the Kerberos tickets of a
specific host
To Next Page
Loading...
Need help?
General
