Filter
Top Products
33-18
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 33 Configuring Policy Objects for Remote Access VPNs
ASA Group Policies Dialog Box
Field Reference
Table 33-10 ASA Group Policies SSL VPN Settings
Element Description
Home Page The URL of the SSL VPN home page. The page is displayed when users
log into the VPN. If you do not enter a URL, no home page is displayed.
Authentication Failure
Message
The message to deliver to a remote user who successfully logs into the
VPN but has no VPN privileges, and so can do nothing. The default
message is:
“Login was successful, but because certain criteria have not been met
or due to some specific group policy, you do not have permission to use
any of the VPN features. Contact your IT administrator for more
information.”
Minimum Keepalive Object
Size (kilobytes)
The minimum size (in kilobytes) of an IKE keepalive packet that can be
stored in the cache on the security appliance.
Single Sign On Server The name of the single sign on (SSO) server policy object that identifies
the server to use for this group, if any. An SSO server allows users to
enter their username and password once and be able to access other
server in the network without logging into each of them. If configure an
SSO server, also configure the auto signon rules table.
Enter the name of the object or click Select to select it from a list or to
create a new object. For more information, see Add or Edit Single Sign
On Server Dialog Boxes, page 33-30.
Enable HTTP Compression Whether to allow an HTTP compressed object to be cached on the
security appliance.
Auto Signon Rules table If you configure a single sign on server, the auto signon rules table
contains the rules that determine which internal servers are provided
the user’s credentials. Thus, you can provide single sign on for some
servers in your network but not others.
Each rule is an allow rule, and indicates the IP address, subnet, or
Universal Resource Identifier (URI) that identifies the server, and the
type of authentication that will be sent to the server when the user tries
to access it (either basic HTML, NTLM, FTP, or all of these). The rules
are processed in order, top to bottom, and the first match is applied.
Therefore, be sure to order the rules correctly using the up and down
arrow buttons.
If the user accesses a server that is not identified in one of these rules,
the user must log into the server to gain access.
• To add a rule, click the Add Row button to open the Add or Edit
Auto Signon Rules Dialog Box, page 33-19.
• To edit a rule, select it and click the Edit Row button.
• To delete a rule, select it and click the Delete Row button.