74-33
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Configuring Group Policy and User Attributes for Clientless SSL VPN
Configuring Group Policy and User Attributes for Clientless SSL VPN
Table74-3 provides a list of group policy and user attributes for clientless SSL VPN. For step-by-step
instructions on configuring group policy and user attributes, see “Configuring Group Policies” and
“Configuring Attributes for Specific Users” or in Chapter 67, “Configuring Connection Profiles, Group
Policies, and Users.”
.
dns-group Identifies the DNS server group that specifies the DNS server name, domain
name, name server, number of retries, and timeout values .
hic-fail-group-poli
cy
Specifies a VPN feature policy if you use the Cisco Secure Desktop Manager
to set the Group-Based Policy attribute to “Use Failure Group-Policy” or “Use
Success Group-Policy, if criteria match.”
override-svc-downlo
ad
Overrides downloading the group-policy or username attributes configured for
downloading the AnyConnect VPN client to the remote user.
radius-reject-messa
ge
Enables the display of the RADIUS reject message on the login screen when
authentication is rejected.
Table74-2 Connection Profile Attributes for Clientless SSL VPN
Command Function
Table74-3 Group Policy and User Attributes for Clientless SSL VPN
Command Function
activex-relay Lets a user who has established a clientless SSL VPN session use the browser
to launch Microsoft Office applications. The applications use the session to
download and upload Microsoft Office documents. The ActiveX relay remains
in force until the clientless SSL VPN session closes.
auto-signon Sets values for auto signon, which requires only that the user enter username
and password credentials only once for a clientless SSL VPN connection.
customization Assigns a customization object to a group-policy or user.
deny-message Specifies the message delivered to a remote user who logs into clientless SSL
VPN successfully, but has no VPN privileges.
file-browsing Enables CIFS file browsing for file servers and shares. Browsing requires
NBNS (Master Browser or WINS).
file-entry Allows users to enter file server names to access.
filter Sets the name of the webtype access list.
hidden-shares Controls the visibility of hidden shares for CIFS files.
homepage Sets the URL of the web page that displays upon login.
html-content-filter Configures the content and objects to filter from the HTML for this group
policy.
http-comp Configures compression.