69-73
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
Configuring Clientless SSL VPN Connections
• Connection Aliases—Lists in a table the existing connection aliases and their status and lets you add
or delete items in that table. A connection alias appears on the user login page if the connection is
configured to allow users to select a particular connection (tunnel group) at login. The rows in this
table are editable in place, so there is no Edit button. Clicking the “i” icon above the table opens a
tooltip for the edit function.
–
Add—Opens the Add Connection Alias dialog box, on which you can add and enable a
connection alias.
–
Delete—Removes the selected row from the connection alias table. There is no confirmation or
undo.
–
To edit an alias listed in the table, double-click the line.
• Group URLs—Lists in a table the existing group URLs and their status and lets you add or delete
items in that table. A group URL appears on the user login page if the connection is configured to
allow users to select a particular group at login. The rows in this table are editable in place, so there
is no Edit button. Clicking the “i” icon above the table opens a tooltip for the edit function.
–
Add—Opens the Add Group URL dialog box, on which you can add and enable a group URL.
–
Delete—Removes the selected row from the connection alias table. There is no confirmation or
undo.
–
To edit a URL listed in the table, double-click the line.
• Do not run Cisco Secure Desktop (CSD) on client machine when using group URLs defined above to
access the ASA. (If a client connects using a connection alias, this setting is ignored.)—Check if you
want to exempt users from running CSD who use a URL that matches an entry in the Group URLs table.
Be aware that doing so stops the security appliance from receiving endpoint criteria from these users, so
you might have to change the DAP configuration to provide them with VPN access.
Modes
The following table shows the modes in which this feature is available:
Add or Edit Clientless SSL VPN Connections > Advanced > Clientless SSL VPN
This dialog box lets you configure attributes that affect what the remote user sees upon login.
Fields
• Portal Page Customization—Configures the look and feel of the user login page by specifying which
preconfigured customization attributes to apply. The default is DfltCustomization.
• Enable the display of Radius Reject-Message on the login screen—Select this check box to display
the RADIUS-reject message on the login dialog box when authentication is rejected.
• Enable the display of SecurId message on the login screen—Select this check box to display
SecurID messages on the login dialog box.
• Manage—Opens the Configure GUI Customization Objects dialog box.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——