EasyManuals Logo
Home>Cisco>Firewall>FirePOWER ASA 5500 series

Cisco FirePOWER ASA 5500 series User Manual

Cisco FirePOWER ASA 5500 series
989 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #704 background imageLoading...
Page #704 background image
37-14
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 37 Configuring WebVPN
Creating and Applying WebVPN Policies
hostname(config-aaa-server-host)#
Step 4 To configure a user password parameter for the HTTP POST request, use the password-parameter
command in aaa-server-host configuration mode. For example, the following command configures a user
password parameter named user_password:
hostname(config-aaa-server-host)# password-parameter user_password
hostname(config-aaa-server-host)#
Step 5 To specify hidden parameters for exchange with the authenticating web server, use the
hidden-parameter command in aaa-server-host configuration mode. An example hidden parameter
excerpted from a POST request follows:
SMENC=ISO-8859-1&SMLOCALE=US-EN&target=https%3A%2F%2Fwww.example.com%2Femco
%2Fappdir%2FAreaRoot.do%3FEMCOPageCode%3DENG&smauthreason=0
This hidden parameter includes four form entries and their values, separated by &. The four entries and
their values are:
SMENC with a value of ISO-8859-1
SMLOCALE with a value of US-EN
target with a value of https%3A%2F%2Fwww.example.com%2Femco%2Fappdir%2FAreaRoot.do
%3FEMCOPageCode%3DENG
smauthreason with a value of 0
To specify this hidden parameter, enter the following commands:
hostname(config)# aaa-server testgrp1 host example.com
hostname(config-aaa-server-host)# hidden-parameter SMENC=ISO-8859-1&SMLOCALE=US-EN&targe
hostname(config-aaa-server-host)# hidden-parameter t=https%3A%2F%2Fwww.example.com%2Femc
hostname(config-aaa-server-host)# hidden-parameter o%2Fappdir%2FAreaRoot.do%3FEMCOPageCo
hostname(config-aaa-server-host)# hidden-parameter de%3DENG&smauthreason=0
hostname(config-aaa-server-host)#
Step 6 To specify the name for the authentication cookie, enter the auth-cookie-name command in
aaa-server-host configuration mode. This command is optional. The following example specifies the
authentication cookie name of SsoAuthCookie:
hostname(config-aaa-server-host)# auth-cookie-name SsoAuthCookie
hostname(config-aaa-server-host)#
Authenticating with Digital Certificates
WebVPN users that authenticate using digital certificates do not use global authentication and
authorization settings. Instead, they use an authorization server to authenticate once the certificate
validation occurs. For more information on authentication and authorization using digital certificates,
see “Using Certificates and User Login Credentials” in the “Configuring AAA Servers and the Local
Database” chapter.
Creating and Applying WebVPN Policies
Creating and applying WebVPN policies that govern access to resources at the central site includes the
following tasks:

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco FirePOWER ASA 5500 series and is the answer not in the manual?

Cisco FirePOWER ASA 5500 series Specifications

General IconGeneral
BrandCisco
ModelFirePOWER ASA 5500 series
CategoryFirewall
LanguageEnglish

Related product manuals