1-66
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Configuring Port Forwarding
Adding Applications to Be Eligible for Port Forwarding
The clientless SSL VPN configuration of each ASA supports port forwarding lists, each of which
specifies local and remote ports used by the applications for which you want to provide access. Because
each group policy or username supports only one port forwarding list, you must group each set of
applications to be supported into a list. To display the port forwarding list entries already present in the
ASA configuration, enter the following commands:
Detailed Steps
Step 5
tunnel-group webvpn
Switches to tunnel-group webvpn configuration
mode.
Step 6
(Required only if you are using a domain name other than the
default one [DefaultDNS])
dns-group
Example:
asa2(config-dns-server-group)# exit
asa2(config)# tunnel-group DefaultWEBVPNGroup
webvpn-attributes
asa2(config-tunnel-webvpn)# dns-group example.com
Specifies the domain name the tunnel groups will
use. By default, the security appliance assigns the
Default WEBVPNGroup as the default tunnel group
for clientless connections. Follow this instruction if
the ASA uses that tunnel group to assign settings to
the clientless connections. Otherwise, follow this
step for each tunnel configured for clientless
connections.
Command Purpose
Command Purpose
Step 1
show run webvpn port-forward
Displays the port forwarding list entries already
present in the ASA configuration.
Step 2
webvpn
Switches to webvpn configuration mode.
To Next Page
Loading...
Need help?
General
