74-61
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter74 Configuring Clientless SSL VPN
Configuring Application Access
Automating Smart Tunnel Access
To start smart tunnel access automatically upon user login, enter the following commands:
Step4 (Optional)
[no] smart-tunnel auto-signon enable list [domain
domain] [host host name] [realm realm string] [port
port number]
Disables smart tunnel auto sign-on clientless SSL
VPN session, removes it from the group policy or
username, and uses the default.
list—The name of a smart tunnel auto sign-on
list already present in the ASA webvpn
configuration.
(Optional) domain domain—The name of the
domain to be added to the username during
authentication. If you enter a domain, enter the
use-domain keyword in the list entries.
host—Specifies the server by its host name or
wildcard mask. Using this option protects the
configuration from dynamic changes to IP
addresses.
port—Specifies which port performs auto
sign-on. For Firefox, if no port number is
specified, auto sign is performed on HTTP and
HTTPS, accessed by the default port numbers
80 and 443 respectively.
realm—Configures a realm for the
authentication. Realm is associated with the
protected area of the website and is passed back
to the browser either in the authentication
prompt or in the HTTP headers during
authentication. Once auto-sign is configured
and a realm string is specified, users can
configure the realm string on a web application
(such as Outlook Web Access) and access web
applications without signing on.
Step5 show running-config webvpn smart-tunnel Views the smart tunnel auto sign-on list entries in
the SSL VPN configuration.
Step6 smart-tunnel auto-signon enable HR Enables the smart tunnel auto sign-on list named
HR.
Step7 smart-tunnel auto-signon enable HR domain CISCO Enables the smart tunnel auto sign-on list named HR
and adds the domain named CISCO to the username
during authentication.
Step8 (Optional)
no smart-tunnel auto-signon enable HR
Removes the smart tunnel auto sign-on list named
HR from the group policy and inherits the smart
tunnel auto sign-on list command from the default
group policy.
Command Purpose