37-16
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 37 Configuring WebVPN
Configuring WebVPN Tunnel Group Attributes
For example, to set a WebVPN user to the SSL_VPN group, set the RADIUS Class Attribute to a value
of OU=SSL_VPN; (Do not omit the semicolon.)
Configuring WebVPN Tunnel Group Attributes
Table 37-1 provides a list of tunnel group attributes that are specific to WebVPN. In addition to these
attributes, you configure general tunnel group attributes common to all VPN connections. For
step-by-step information on configuring tunnel groups, see “Configuring WebVPN Tunnel Groups” in
Chapter 30, “Configuring Tunnel Groups, Group Policies, and Users.”
Configuring WebVPN Group Policy and User Attributes
Table 37-2 provides a list of WebVPN group policy and user attributes. For step-by-step instructions on
configuring group policy and user attributes, see “Configuring Group Policies” and “Configuring
Attributes for Specific Users”in Chapter 30, “Configuring Tunnel Groups, Group Policies, and Users.”
.
Table 37-1 WebVPN Tunnel Group Attributes
Command Function
authentication Sets the authentication method.
customization Identifies the name of a previously defined customization to apply.
nbns-server Identifies the name of the NetBIOS Name Service server (nbns-server) to use
for CIFS name resolution.
group-alias Specifies the alternate names by which the server can refer to a tunnel group
group-url Identifies one or more group URLs. If you configure this attribute, users
coming in on a specified URL need not select a group at login
dns-group Identifies the DNS server group that specifies the DNS server name, domain
name, name server, number of retries, and timeout values
hic-fail-group-policy Specifies a VPN feature policy if you use the Cisco Secure Desktop Manager
to set the Group-Based Policy attribute to “Use Failure Group-Policy” or “Use
Success Group-Policy, if criteria match.”
Table 37-2 WebVPN Group Policy and User Attributes
Command Function
auto-signon Sets values for auto signon, which requires only that s user enter username and
password credentials only once for a WebVPN connection.
customization Assigns a customization object to a group-policy or user.
deny-message Specifies the message delivered to a remote user who logs into WebVPN
successfully, but has no VPN privileges.
filter Sets the name of the webtype access list.
To Next Page
Loading...
Need help?
General