Support User Manuals

Cisco Systems ASA5515K9 Network Router User Manual

Open as PDF

of 1994

74-34

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Configuring Browser Access to Plug-ins

Configuring Browser Access to Plug-ins

The following sections describe the integration of browser plug-ins for clientless SSL VPN browser

access:

• Preparing the Security Appliance for a Plug-in, page 74-36

• Installing Plug-ins Redistributed By Cisco, page 74-36

• Providing Access to Third-Party Plug-ins, page 74-38

• Providing Access to a Citrix Java Presentation Server, page 74-40

A browser plug-in is a separate program that a web browser invokes to perform a dedicated function,

such as connect a client to a server within the browser window. The ASA lets you import plug-ins for

download to remote browsers in clientless SSL VPN sessions. Of course, Cisco tests the plug-ins it

redistributes, and in some cases, tests the connectivity of plug-ins we cannot redistribute. However, we

do not recommend importing plug-ins that support streaming media at this time.

Note Per the GNU General Public License (GPL), Cisco redistributes plug-ins without having

made any changes to them. Per the GPL, Cisco cannot directly enhance these plug-ins.

The ASA does the following when you install a plug-in onto the flash device:

• (Cisco-distributed plug-ins only) Unpacks the jar file specified in the URL.

• Writes the file to the csco-config/97/plugin directory on the ASA file system.

http-proxy

Configures the ASA to use an external proxy server to handle HTTP requests.

Note Proxy NTLM authentication is not supported in http-proxy. Only

proxy without authentication and basic authentication are supported.

keep-alive-ignore

Sets the maximum object size to ignore for updating the session timer.

port-forward

Applies a list of clientless SSL VPN TCP ports to forward. The user interface

displays the applications on this list.

post-max-size

Sets the maximum object size to post.

smart-tunnel

Configures a list of programs to use smart tunnel.

sso-server

Sets the name of the SSO server.

storage-objects

Configures storage objects for the data stored between sessions.

svc

Configures SSL VPN Client attributes.

unix-auth-gid

Sets the UNIX group ID.

unix-auth-uid

Sets the UNIX user ID.

upload-max-size

Sets the maximum object size to upload.

url-entry

Controls the ability of the user to enter any HTTP/HTTP URL.

url-list

Applies a list of servers and URLs that clientless SSL VPN portal page

displays for end user access.

user-storage

Configures a location for storing user data between sessions.

Table 74-3 Group Policy and User Attributes for Clientless SSL VPN

Command Function

previous next