Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
72-144
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 72 Configuring Clientless SSL VPN
Configuring Bookmarks
Browse Local Files.../Browse Flash...—Browse to the path for the file.
Step 2 Determine whether authentication is required to access the content.
The prefix to the path changes depending on whether you require authentication. The ASA uses
/+CSCOE+/ for objects that require authentication, and /+CSCOU+/ for objects that do not. The ASA
displays /+CSCOE+/ objects on the portal page only, while /+CSCOU+/ objects are visible and usable
in either the logon or the portal pages.
Step 3 Click to import or export the file.
Adding/Editing Post Parameter
Use this pane to configure post parameters for bookmark entries and URL lists.
Clientless SSL VPN variables allow for substitutions in URLs and forms-based HTTP post operations.
These variables, also known as macros, let you configure users for access to personalized resources that
contain the user ID and password or other input parameters. Examples of such resources include
bookmark entries, URL lists, and file shares.
Detailed Steps
Step 1 Provide the name and value of the parameters exactly as in the corresponding HTML form, for example:
<input name=“param_name” value=“param_value”>.
You can choose one of the supplied variables from the drop-down list, or you can construct a variable.
The variables you can choose from the drop-down list include the following:
Table 72-17 Clientless SSL VPN Variables
No. Variable Substitution Definition
1 CSCO_WEBVPN_USERNAME SSL VPN user login ID
2 CSCO_WEBVPN_PASSWORD SSL VPN user login password
3 CSCO_WEBVPN_INTERNAL_PASSWORD SSL VPN user internal resource password. This is a cached
credential, and not authenticated by a AAA server. If a user enters
this value, it is used as the password for auto-signon, instead of the
password value.
4 CSCO_WEBVPN_CONNECTION_PROFILE SSL VPN user login group drop-down, a group alias within the
connection profile
5 CSCO_WEBVPN_MACRO1 Set via RADIUS/LDAP vendor-specific attribute. I f you are
mapping this from LDAP via an ldap-attribute-map, the Cisco
attribute that uses this variable is
WEBVPN-Macro-Substitution-Value1.
Variable substitution via RADIUS is performed by VSA#223.
6 CSCO_WEBVPN_MACRO2 Set via RADIUS/LDAP vendor-specific attribute. If you are mapping
this from LDAP via an ldap-attribute-map, the Cisco attribute that
uses this variable is WEBVPN-Macro-Substitution-Value2.
Variable substitution via RADIUS is performed by VSA#224.