Cisco Systems ASA 5540 Network Router User Manual


  Open as PDF
of 2086
 
69-74
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
Configuring Clientless SSL VPN Connections
Connection Aliases—Lists in a table the existing connection aliases and their status and lets you add
or delete items in that table. A connection alias appears on the user login page if the connection is
configured to allow users to select a particular connection (tunnel group) at login.
Add—Opens the Add Connection Alias dialog box, on which you can add and enable a
connection alias.
Delete—Removes the selected row from the connection alias table. There is no confirmation or
undo.
Group URLs—Lists in a table the existing group URLs and their status and lets you add or delete
items in that table. A group URL appears on the user login page if the connection is configured to
allow users to select a particular group at login.
Add—Opens the Add Group URL dialog box, on which you can add and enable a group URL.
Delete—Removes the selected row from the connection alias table. There is no confirmation or
undo.
Do not run Cisco Secure Desktop (CSD) on client machine when using group URLs defined above to
access the ASA. (If a client connects using a connection alias, this setting is ignored.)—Check if you
want to exempt users from running CSD who use a URL that matches an entry in the Group URLs table.
Be aware that doing so stops the security appliance from receiving endpoint criteria from these users, so
you might have to change the DAP configuration to provide them with VPN access.
Modes
The following table shows the modes in which this feature is available:
Add or Edit Clientless SSL VPN Connections > Advanced > NetBIOS Servers
The table on this dialog box shows the attributes of the already-configured NetBIOS servers. The Add
or Edit Tunnel Group dialog box for Clientless SSL VPN access, NetBIOS dialog box, lets you configure
the NetBIOS attributes for the tunnel group. Clientless SSL VPN uses NetBIOS and the Common
Internet File System protocol to access or share files on remote systems. When you attempt a file-sharing
connection to a Windows computer by using its computer name, the file server you specify corresponds
to a specific NetBIOS name that identifies a resource on the network.
The ASA queries NetBIOS name servers to map NetBIOS names to IP addresses. Clientless SSL VPN
requires NetBIOS to access or share files on remote systems.
To make the NBNS function operational, you must configure at least one NetBIOS server (host). You
can configure up to 3 NBNS servers for redundancy. The ASA uses the first server on the list for
NetBIOS/CIFS name resolution. If the query fails, it uses the next server.
Fields
IP Address—Displays the IP addresses of configured NetBIOS servers.
Master Browser—Shows whether a server is a WINS server or one that can also be a CIFS server
(that is, a master browser).
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
——