Cisco Systems ASA 5510, ASA 5512-X, ASA 5515-X, ASA 5520, ASA 5525-X, ASA 5540, ASA 5545-X, ASA 5550, ASA 5555-X, ASA 5580, ASA 5585-X, ASA 5505 Configuring a Smart Tunnel (Lotus example)

72-45

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter72 Configuring Clientless SSL VPN

Configuring Application Access

•For Windows, if you want to add smart tunnel access to an application started from the command

prompt, you must specify “cmd.exe” in the Process Name of one entry in the smart tunnel list, and

specify the path to the application itself in another entry, because “cmd.exe” is the parent of the

application.

•Mac OS requires the full path to the process and is case-sensitive. To avoid specifying a path for

each username, insert a tilde (~) before the partial path (e.g., ~/bin/vnc).

•Smart Tunnel and Secure Desktop (Vault) Interoperability

Cisco supports smart tunneling inside a Secure Desktop (Vault) environment on all operating

systems that support Vault. We also support smart tunneling of desktop applications and

browser-based applications.

ASA 8.3 or later is required to perform smart tunneling from an endpoint using IE8 or a 64-bit

Windows operating system.

To implement smart tunneling with IE8, from within a Secure Desktop (Vault), the endpoint must

be connected to a secure gateway running ASA 8.3 or later; in addition, the endpoint must have

Cisco Secure Desktop 3.5 or later installed.

Smart tunneling is not intended to restrict network access to only internal resources.

Configuring a Smart Tunnel (Lotus example)

To configure a Smart Tunnel, perform the following steps:

Note These example instructions provide the minimum instructions required to add smart tunnel support for

an application. See the field descriptions in the sections that follow for more information.

Detailed Steps

Step1 Choose Configuration > Remote Access VPN > Clientless SSL VPN Access > Portal > Smart

Tunnels.

Step2 Double-click the smart tunnel list to which you want to add an application; or click Add to create a list

of applications, enter a name for this list in the List Name field, and click Add.

For example, click Add in the Smart Tunnels pane, enter Lotus in the List Name field, and click Add.

Step3 Click Add in the Add or Edit Smart Tunnel List dialog box.

Step4 Enter a string in the Application ID field to serve as a unique index to the entry within the smart tunnel

list.

Step5 Enter the filename and extension of the application into the Process Name dialog box.

Table72-4 shows example Application ID strings and the associated paths required to support Lotus.

Table72-4 Smart Tunnel Example: Lotus 6.0 Thick Client with Domino Server 6.5.5

Application ID Example Minimum Required Process Name

lotusnotes notes.exe

lotusnlnotes nlnotes.exe

lotusntaskldr ntaskldr.exe

lotusnfileret nfileret.exe

Cisco Systems Configuring a Smart Tunnel (Lotus example)