Filter
Top Products
30-75
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Customizing Clientless SSL VPN Portals
f. Click OK to save the object.
Step 2 (Optional) Create an SSL VPN smart tunnel auto sign-on list policy object:
a. Select Manage > Policy Objects to open the Policy Object Manager (see Policy Object Manager,
page 6-4), and select SSL VPN Smart Tunnel Auto Signon Lists from the table of contents.
Tip You can also create SSL VPN smart tunnel auto sign-on list objects when you create or edit the
ASA group policy object. For more information, see Selecting Objects for Policies, page 6-2.
b. Click the Add Object button to open the Add and Edit Smart Tunnel Auto Signon List Dialog
Boxes, page 33-55.
c. Enter a name for the object, up to 64 characters.
d. To the table of smart tunnel auto sign-on entries, add the servers for which to automate the
submission of login credentials during smart tunnel setup (click the Add Row button to open the
Add and Edit Smart Tunnel Auto Signon Entry Dialog Boxes, page 33-56).
e. You can also incorporate other SSL VPN smart tunnel auto sign-on list objects into the object. This
allows you to create a core set of smart tunnel auto sign-on list objects that you can use repeatedly
in other objects.
f. Click OK to save the object.
Step 3 Configure the ASA group policy object to use the SSL VPN smart tunnel list object:
a. Edit (or create) the ASA group policy object either from the Policy Object Manager, page 6-4 or the
Remote Access VPN > Group Policies policy. The object must be configured to support SSL VPNs.
(You can also edit these objects from the Remote Access VPN > Connection Profiles policy from
an individual profile.)
b. Select the SSL VPN > Clientless folder from the table of contents to open ASA Group Policies SSL
VPN Clientless Settings, page 33-10.
c. Enter the name of the SSL VPN smart tunnel list object in the Smart Tunnel field.
d. Select Auto Start Smart Tunnel to automatically start smart tunnels for the applications when the
user connects to the SSL VPN portal.
If you do not select this option, users must start smart tunnel access using the Application Access
> Start Smart Tunnels button on the clientless SSL VPN portal page.
e. Enter the name of the SSL VPN smart tunnel auto sign-on list object in the Smart Tunnel Auto
Signon Server List field.
f. If the universal naming convention (domain\username) is required for authentication, specify the
Windows domain to add it to the username during auto sign-on in the Domain Name field. For
example, enter CISCO to specify CISCO\qa_team when authenticating for the username qa_team.
You must also check the Use Domain option when configuring associated entries in the auto sign-on
server list.