EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1872 background imageLoading...
Page #1872 background image
1-64
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Configuring Port Forwarding
Information About Port Forwarding
Port forwarding lets users access TCP-based applications over a clientless SSL VPN connection. Such
applications include the following:
• Lotus Notes
• Microsoft Outlook Express
• Perforce
• Sametime
• Secure FTP (FTP over SSH)
• SSH
• TELNET
• Windows Terminal Service
Other TCP-based applications may also work, but we have not tested them. Applications that use UDP
do not work.
Port forwarding is the legacy technology for supporting TCP-based applications over a clientless SSL
VPN connection. You may choose to use port forwarding because you have built earlier configurations
that support this technology.
Consider the following alternatives to port forwarding:
• Smart tunnel access offers the following advantages to users:
–
Smart tunnel offers better performance than plug-ins.
–
Unlike port forwarding, smart tunnel simplifies the user experience by not requiring the user
connection of the local application to the local port.
–
Unlike port forwarding, smart tunnel does not require users to have administrator privileges.
When configuring port forwarding on the ASA, you specify the port the application uses. When
configuring smart tunnel access, you specify the name of the executable file or its path.
Prerequisites
• Refer to the Supported VPN Platforms, Cisco ASA 5500 Series compatibility guide for port
forwarding pre-requisites.
• Browser-based users of Safari on Mac OS X 10.5.3 must identify a client certificate for use with the
URL of the ASA, once with the trailing slash and once without it, because of the way Safari
interprets URLs. For example,
–
https://example.com/
–
https://example.com
For details, go to the Safari, Mac OS X 10.5.3: Changes in client certificate authentication.
• Users of Microsoft Windows Vista or later who use port forwarding or smart tunnels must add the
URL of the ASA to the Trusted Site zone. To access the Trusted Site zone, they must start Internet
Explorer and choose the Tools > Internet Options > Security tab. Vista (or later) users can also
disable Protected Mode to facilitate smart tunnel access; however, we recommend against this
method because it increases the computer’s vulnerability to attack.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals