70-35
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 70 Configuring Dynamic Access Policies
Configuring DAP Access and Authorization Policy Attributes
–
Port Forwarding—Select an option for the port forwarding lists that apply to this DAP record.
The other attributes in this field are enabled only when you set Port Forwarding to Enable or
Auto-start.
–
Unchanged—Click to remove the attributes from the running configuration.
–
Enable/Disable—Click to enable or disable port forwarding.
–
Auto-start—Click to enable port forwarding, and to have the DAP record automatically start
the port forwarding applets associated with its port forwarding lists.
–
Port Forwarding List drop-down list—Select already configured port forwarding lists to add
to the DAP record.
–
New...—Click to configure new port forwarding lists.
–
Port Forwarding Lists (unlabeled)—Displays the port forwarding lists for the DAP record.
–
Add—Click to add the selected port forwarding list from the drop-down list to the Port
Forwarding list on the right.
–
Delete—Click to delete selected port forwarding list from the Port Forwarding list. You cannot
delete a port forwarding list from the ASA unless you first delete it from DAP records.
• Bookmarks Tab—Lets you select and configure bookmarks for certain user session URLs.
–
Enable bookmarks—Click to enable. When unchecked, no bookmarks display in the portal
page for the connection.
–
Bookmark drop-down list—select already configured bookmarks to add to the DAP record.
–
Manage...—Click to add, import, export, and delete bookmarks.
–
Bookmarks (unlabeled)—Displays the URL lists for the DAP record.
–
Add>>—Click to add the selected bookmark from the drop-down list to the URL area on the
right.
–
Delete—Click to delete the selected bookmark from the URL list area. You cannot delete a
bookmark from the ASA unless you first delete it from DAP records.
• Access Method Tab—Lets you configure the type of remote access permitted.
–
Unchanged—Continue with the current remote access method.
–
AnyConnect Client—Connect using the Cisco AnyConnect VPN Client.
–
Web-Portal—Connect with clientless VPN.
–
Both-default-Web-Portal—Connect via either clientless or the AnyConnect client, with a
default of clientless.
–
Both-default-AnyConnect Client—Connect via either clientless or the AnyConnect client,
with a default of AnyConnect.
• AnyConnect Tab—Lets you choose the status of the Always-on VPN flag.
–
Always-On VPN for AnyConnect client—Determine if the always-on VPN flag setting in the
AnyConnect service profile is unchanged, disabled, or if the AnyConnect profile setting should
be used.