1-54
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Configuring Application Access
–
Statically linked applications to locate libsocket calls.
• Mac OS X requires the full path to the process and is case-sensitive. To avoid specifying a path for
each username, insert a tilde (~) before the partial path (e.g., ~/bin/vnc).
Adding Applications to Be Eligible for Smart Tunnel Access
The clientless SSL VPN configuration of each ASA supports smart tunnel lists, each of which identifies
one or more applications eligible for smart tunnel access. Because each group policy or username
supports only one smart tunnel list, you must group each set of applications to be supported into a smart
tunnel list.
About Smart Tunnel Lists
For each group policy and username, you can configure clientless SSL VPN to do one of the following:
• Start smart tunnel access automatically upon user login.
• Enable smart tunnel access upon user login, but require the user to start it manually, using the
Application Access > Start Smart Tunnels button on the clientless SSL VPN Portal Page.
Restrictions
The smart tunnel logon options are mutually exclusive for each group policy and username. Use only
one.
Detailed Steps
The following smart tunnel commands are available to each group policy and username. The
configuration of each group policy and username supports only one of these commands at a time, so
when you enter one, the ASA replaces the one present in the configuration of the group policy or
username in question with the new one, or in the case of the last command, simply removes the
smart-tunnel command already present in the group policy or username.
To Next Page
Loading...
Need help?
General
