64-11
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 64 General VPN Setup
Group Policies
–
Auto Sign-on Server List—Choose the list name from the drop-down menu if you want to
reissue the user credentials when the user establishes a smart tunnel connection to a server. Each
smart tunnel auto sign-on list entry identifies a server with which to automate the submission
of user credentials. To view, add, modify, or delete a smart tunnel auto sign-on list, click
Manage.
–
Windows Domain Name (Optional)—Specify the Windows domain to add it to the username
during auto sign-on, if the universal naming convention (domain\username) is required for
authentication. For example, enter CISCO to specify CISCO\qa_team when authenticating for
the username qu_team. You must also check the “Use Windows domain name with user name”
option when configuring associated entries in the auto sign-on server list.
• ActiveX Relay—Lets Clientless users launch Microsoft Office applications from the browser. The
applications use the session to download and upload Microsoft Office documents. The ActiveX relay
remains in force until the Clientless SSL VPN session closes.
More Options:
• HTTP Proxy—Enables or disables the forwarding of an HTTP applet proxy to the client. The proxy
is useful for technologies that interfere with proper content transformation, such as Java, ActiveX,
and Flash. It bypasses mangling while ensuring the continued use of the security appliance.
The forwarded proxy automatically modifies the old browser proxy configuration and redirects all
HTTP and HTTPS requests to the new proxy configuration. It supports virtually all client side
technologies, including HTML, CSS, JavaScript, VBScript, ActiveX, and Java. The only browser it
supports is Microsoft Internet Explorer.
• Auto Start (HTTP Proxy)—Check to enable HTTP Proxy automatically upon user login. Uncheck
to enable smart tunnel access upon user login, but require the user to start it manually.
• HTTP Compression—Enables compression of HTTP data over the Clientless SSL VPN session.
Modes
The following table shows the modes in which this feature is available:
Configuring Customization for a Group Policy
To configure customization for a group policy, select a preconfigured portal customization object, or
accept the customization provided in the default group policy. You can also configure a URL to display
Fields
• Portal Customization—Configure a customization object for the end user portal.
–
Inherit—To inherit a portal customization from the default group policy, check Inherit. To
specify a previously configured customization object, uncheck Inherit and choose the
customization object from the drop-down list.
–
Manage—Click to import a new customization object.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——
To Next Page
Loading...
