Filter
Top Products
74-57
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 74 Configuring Clientless SSL VPN
Configuring Application Access
Detailed Steps
Configuring and Applying a Smart Tunnel Tunnel Policy
Like the split tunnel configuration in SSL VPN client, the smart tunnel tunnel policy is a per
group-policy/username configuration. Each group policy/username references a globally configured list
of networks:
Detailed Steps
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
[no] smart-tunnel network <network name> ip <ip>
<netmask>
Creates a list of hosts to use for configuring smart
tunnel policies. <network name> is the name to
apply to the tunnel policy. <ip> is the IP address of
the network. <netmask> is the netmask of the
network.
Step 3
[no] smart-tunnel network <network name> host <host
mask>
Establishes the hostname mask, such as *.cisco.com.
Step 4
[no] smart-tunnel tunnel-policy ((excludespecified |
tunnelspecified) <network name> | tunnelall)
OR
[no smart-tunnel tunnel-policy ((excludespecified |
tunnelspecified) <network name> | tunnelall)
Applies smart tunnel policies to a particular group or
user policy. <network name> is a list of networks to
be tunneled. <tunnelall> makes everything tunneled
(encrypted). tunnelspecified tunnels only networks
specified by network name. excludespecified tunnels
only networks that are outside of the networks
specified by network name.
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
config-group-webvpn
Switches to config-group-webvpn configuration
mode.
Step 3
[no] smart-tunnel tunnel-policy ((excludespecified |
tunnelspecified) <network name> | tunnelall)
OR
[no] smart-tunnel tunnel-policy ((excludespecified |
tunnelspecified) <network name> | tunnelall)
References a globally configured list of networks.
<network name> is a list of networks to be tunneled.
<tunnelall> makes everything tunneled (encrypted).
tunnelspecified tunnels only networks specified by
network name. excludespecified tunnels only
networks that are outside of the networks specified
by network name.