Cisco Systems ASA 5545-X Network Router User Manual


  Open as PDF
of 2086
 
72-73
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 72 Configuring Clientless SSL VPN
Configuring Portal Access Rules
Configuring Web E-mail: MS Outlook Web App
Configuring E-mail Proxies
Clientless SSL VPN supports IMAP4S, POP3S, and SMTPS e-mail proxies. The following attributes
apply globally to e-mail proxy users.
Restrictions
E-mail clients such as MS Outlook, MS Outlook Express, and Eudora lack the ability to access the
certificate store.
1 With the Eudora e-mail client, SMTPS works only on port 465, even though the
default port for SMTPS connections is 988.
Configuring Web E-mail: MS Outlook Web App
The ASAsupports Microsoft Outlook Web App to Exchange Server 2010 and Microsoft Outlook Web
Access to Exchange Server 2007, 2003, and 2000. OWA requires that users perform the following steps:
Detailed Steps
Step 1 Enter the URL of the e-mail service into the address field or click an associated bookmark in the
clientless SSL VPN session.
Step 2 When prompted, enter the e-mail server username in the format domain\username.
Step 3 Enter the e-mail password.
Configuring Portal Access Rules
This enhancement allows customers to configure a global clientless SSL VPN access policy to permit or
deny clientless SSL VPN sessions based on the data present in the HTTP header. If the ASA denies a
clientless SSL VPN session, it returns an error code to the endpoint immediately.
The ASA evaluates this access policy before the endpoint authenticates to the ASA. As a result, in the
case of a denial, fewer ASA processing resources are consumed by additional connection attempts from
the endpoint.
Prerequisites
Log on to the ASA and enter global configuration mode. In global configuration mode, the ASA displays
this prompt:
hostname(config)#