67-21
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 67 Clientless SSL VPN
Web ACLs
Web ACLs
The Web ACLs table displays the filters configured on the adaptive security appliance applicable to
clientless SSL VPN traffic. The table shows the name of each access control list (ACL), and below and
indented to the right of the ACL name, the ACEs (access control entries) assigned to the ACL.
Each ACL permits or denies access permits or denies access to specific networks, subnets, hosts, and
web servers. Each ACE specifies one rule that serves the function of the ACL.
You can configure ACLs to apply to clientless SSL VPN traffic. The following rules apply:
• If you do not configure any filters, all connections are permitted.
• The adaptive security appliance supports only an inbound ACL on an interface.
• At the end of each ACL, an implicit, unwritten rule denies all traffic that is not explicitly permitted.
You can add ACLs and ACEs as follows:
• To add an ACL, click the down arrow next to the plus sign above the table and click Add ACL.
Note An ACL must be present before you can add an ACE.
• To add an ACE to an ACL that is already present in the table, choose it, then click the down arrow
next to the plus sign above the table and click Add ACE.
• To insert an ACE before an ACE that is already present in the table, choose it, then click the down
arrow next to the plus sign above the table and click Insert.
• To insert an ACE after an ACE that is already present in the table, choose it, then click the down
arrow next to the plus sign above the table and click Insert After.
To change the values assigned to an ACE, double-click it, or choose it and click Edit.
To remove an ACL or an ACE, choose the entry in the table and click Delete.
The relative position of an ACE in an ACL determines the sequence with which the adaptive security
appliance applies it to traffic on the interface. You can reorganize and reuse the ACEs present in the table
as follows.
• To move an ACE above or below another ACE, choose it and click the up or down icon above the
table.
• To move an ACE, choose the ACE, click the scissors icon above the table. Select the target ACL or
ACE, click the arrow next to the clipboard icon, and click Paste to paste above the selection or Paste
After to paste after the selection. The Edit ACE dialog box opens, providing you with an opportunity
to change the values. Click OK.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——
To Next Page
Loading...
Need help?
General
