74-54
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Configuring Application Access
Step5 smart-tunnel list
entering the same list string but specifying the unique
application string and path value in each command
OR
smart-tunnel list
entering the same list string but specifying the unique
application string and a unique hash value
Enter once for each path to authorize an application
for smart tunnel access when it is present on one of
several paths on the remote host.
Note A sudden problem with smart tunnel access
may be an indication that a Process Name
value is not up-to-date with an application
upgrade. For example, the default path to an
application sometimes changes following
the acquisition of the company that produces
the application and the next application
upgrade.
Enter once for each version when multiple versions
of an application exist. Entering a hash provides a
reasonable assurances that SSL VPN does not
qualify an illegitimate file that matches the string
you specified in the path.
Note You must maintain the smart tunnel list in
the future if you enter hash values and you
want to support future versions or patches of
an application with smart tunnel access. A
sudden problem with smart tunnel access
may be an indication that the application list
containing hash values is not up-to-date with
an application upgrade. You can avoid this
problem by not entering a hash.
Command Purpose