Support User Manuals

Cisco Systems ASA5515K9 Network Router User Manual

Open as PDF

of 1994

74-33

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Group Policy and User Attributes for Clientless SSL VPN

Configuring Group Policy and User Attributes for Clientless SSL

VPN

Table 74-3 provides a list of group policy and user attributes for clientless SSL VPN. For step-by-step

instructions on configuring group policy and user attributes, see “Configuring Group Policies” and

“Configuring Attributes for Specific Users” or in Chapter 67, “Configuring Connection Profiles, Group

Policies, and Users.”

.

dns-group

Identifies the DNS server group that specifies the DNS server name, domain

name, name server, number of retries, and timeout values .

hic-fail-group-poli

cy

Specifies a VPN feature policy if you use the Cisco Secure Desktop Manager

to set the Group-Based Policy attribute to “Use Failure Group-Policy” or “Use

Success Group-Policy, if criteria match.”

override-svc-downlo

ad

Overrides downloading the group-policy or username attributes configured for

downloading the AnyConnect VPN client to the remote user.

radius-reject-messa

ge

Enables the display of the RADIUS reject message on the login screen when

authentication is rejected.

Table 74-2 Connection Profile Attributes for Clientless SSL VPN

Command Function

Table 74-3 Group Policy and User Attributes for Clientless SSL VPN

Command Function

activex-relay

Lets a user who has established a clientless SSL VPN session use the browser

to launch Microsoft Office applications. The applications use the session to

download and upload Microsoft Office documents. The ActiveX relay remains

in force until the clientless SSL VPN session closes.

auto-signon

Sets values for auto signon, which requires only that the user enter username

and password credentials only once for a clientless SSL VPN connection.

customization

Assigns a customization object to a group-policy or user.

deny-message

Specifies the message delivered to a remote user who logs into clientless SSL

VPN successfully, but has no VPN privileges.

file-browsing

Enables CIFS file browsing for file servers and shares. Browsing requires

NBNS (Master Browser or WINS).

file-entry

Allows users to enter file server names to access.

filter

Sets the name of the webtype access list.

hidden-shares

Controls the visibility of hidden shares for CIFS files.

homepage

Sets the URL of the web page that displays upon login.

html-content-filter

Configures the content and objects to filter from the HTML for this group

policy.

http-comp

Configures compression.

previous next