74-48
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Configuring Application Access

Clearing Cached Kerberos Tickets

To clear all Kerberos ticket information on the ASA, follow these commands:
Note
Configuring Application Access
The following sections describe how to enable smart tunnel access and port forwarding on clientless SSL
VPN sessions, specify the applications to be provided with such access, and provide notes on using it:
Logging Off Smart TunnelConfiguring Smart Tunnel Access
Logging Off Smart TunnelConfiguring Smart Tunnel Access
A smart tunnel list identifies one or more applications eligible for smart tunnel access and the endpoint
operating system associated with the list. Because each group policy or local user policy supports one
smart tunnel list, you must group the nonbrowser-based applications to be supported into a smart tunnel
list. Without writing a script or uploading anything, an administrator can specify which homepage in the
group policy to connect with via smart tunnel (with the homepage use-smart-tunnel CLI command or on
the GUI). Following the configuration of a list, you can assign it to one or more group policies or local
user policies. If the administrator has it configured as such, you can browse the internet directly while
accessing company internal resources via smart tunnel.
The following sections describe smart tunnels and how to configure them:
About Smart Tunnels
Why Smart Tunnels?
Adding Applications to Be Eligible for Smart Tunnel Access
Adding Applications to Be Eligible for Smart Tunnel Access
Assigning a Smart Tunnel List
Configuring and Applying a Smart Tunnel Tunnel Policy
Specifying Servers for Smart Tunnel Auto Sign-on
Adding or Editing a Smart Tunnel Auto Sign-on Server Entry
Command Purpose
Step1 webvpn Switches to webvpn configuration mode.
Step2 clear aaa kerberos Clears all Kerberos ticket information on the ASA.
Step3 clear aaa kerberos [username user | host ip |
hostname]
user—Used to clear the Kerberos tickets of a specific
user
hostname—Used to clear the Kerberos tickets of a
specific host