67-38
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 67 Clientless SSL VPN
Configuring Smart Tunnel Access
Note This configuration is applicable to Windows platforms only.
Follow these steps to configure tunnel policy.
Step 1 Choose Configuration > Remote Access VPN > AAA/Local Users > Local Users.
Step 2 In the User Account window, highlight the username that you want to edit.
Step 3 Click Edit. The Edit User Account window appears.
Step 4 In the left sidebar of the Edit User Account window, click VPN Policy > Clientless SSL VPN.
Step 5 Perform one of the following:
• Check the smart tunnel_all_applications check box. All applications will be tunneled without
making a list or knowing which executables an end user may invoke for external applications.
• Or choose from the following tunnel policy options:
–
Uncheck the Inherit check box at the Smart Tunnel Policy parameter.
–
Choose from the network list and specify one of the tunnel options: use smart tunnel for the
specified network, do not use smart tunnel for the specified network, or use tunnel for all
network traffic.
Add or Edit Smart Tunnel List
The Add Smart Tunnel List dialog box lets you add to the security appliance configuration a list of
applications that can access smart tunnel. The Edit Smart Tunnel List dialog box lets you modify the
contents of the list.
Field
• List Name—Enter a unique name for the list of applications or programs. Do not use spaces.
Table 67-3 Access for Smart Tunnel Applications and Enabled Bookmarks
Smart Tunnel Enabled Bookmark Smart Tunnel Application Access
Application list specified Any processes that match a
process name in the application
list are granted access.
Only processes that match a
process name in the application
list are granted access.
Smart tunnel is disabled All processes (and their child
processes) are granted access.
No process is granted access.
Smart Tunnel all
Applications check box is
checked
All processes (and their child
processes) are granted access.
Note This includes processes
initiated by non-Smart
Tunnel web pages if the
web page is served by the
same browser process.
All processes owned by the user
who started the browser are
granted access but not child
processes of those original
processes.
To Next Page
Loading...
Need help?
General
