Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
72-22
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 72 Configuring Clientless SSL VPN
Configuring Session Settings
Configuring Session Settings
The clientless SSL VPN Add/Edit Internal Group Policy > More Options > Session Settings window lets
you specify personalized user information between clientless SSL VPN sessions. By default, each group
policy inherits the settings from the default group policy. Use this window to specify personalized
clientless SSL VPN user information for the default group policy and any group policies for which you
want to differentiate these values.
Detailed Steps
Step 1 Click none or choose the file server protocol (smb or ftp) from the User Storage Location drop-down
menu. If you choose smb or ftp, use the following syntax to enter the file system destination into the
adjacent text field:
username:password@host:port-number/path
For example
mike:mysecret@ftpserver3:2323/public
Note Although the configuration shows the username, password, and preshared key, the ASA uses
an internal algorithm to store the data in an encrypted form to safeguard it.
Step 2 Type the string, if required, for the security appliance to pass to provide user access to the storage
location.
Step 3 Choose one of the following options from the Storage Objects drop-down menu to specify the objects
the server uses in association with the user. The ASA store these objects to support clientless SSL VPN
connections.
cookies,credentials
cookies
credentials
Step 4 Enter the limit in KB transaction size over which to time out the session. This attribute applies only to a
single transaction. Only a transaction larger than this value resets the session expiration clock.
Java Code Signer
Code signing appends a digital signature to the executable code itself. This digital signature provides
enough information to authenticate the signer as well as to ensure that the code has not been
subsequently modified since signed.
Code-signer certificates are special certificates whose associated private keys are used to create digital
signatures. The certificates used to sign code are obtained from a CA, with the signed code itself
revealing the certificate origin.
Choose the configured certificate that you want to employ in Java object signing from the drop down list.
To configure a Java Code Signer, choose Configuration > Remote Access VPN > Certificate
Management > Java Code Signer.