Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide
OL-16647-01
Chapter 38 Clientless SSL VPN
Configuring Smart Tunnel Access
Add or Edit Smart Tunnel List
The Add Smart Tunnel List dialog box lets you add a list of smart tunnel entries to the security appliance
configuration. The Edit Smart Tunnel List dialog box lets you modify the contents of the list.
Field
List Name—Enter a unique name for the list of applications or programs. There is no restriction on
the number of characters in the name. Do not use spaces.
Following the configuration of the smart tunnel list, the list name appears next to the Smart Tunnel
List attribute in the Clientless SSL VPN group policies and local user policies. Assign a name that
will help you to distinguish its contents or purpose from other lists that you are likely to configure.
Modes
The following table shows the modes in which this feature is available:
Add or Edit Smart Tunnel Entry
The Add or Edit Smart Tunnel Entry dialog box lets you specify the attributes of an application in a smart
tunnel list.
Application ID—Enter a string to name the entry in the smart tunnel list. The string is unique for
the OS. It typically names the application to be granted smart tunnel access. To support multiple
versions of an application for which you choose to specify different paths or hash values, you can
use this attribute to differentiate entries, specifying the OS, and name and version of the application
supported by each list entry. The string can be up to 64 characters.
Process Name—Enter the filename or path to the application. The string can be up to 128 characters.
Windows requires an exact match of this value to the right side of the application path on the remote
host to qualify the application for smart tunnel access. If you specify only the filename for Windows,
SSL VPN does not enforce a location restriction on the remote host to qualify the application for
smart tunnel access.
If you specify a path and the user installed the application in another location, that application does
not qualify. The application can reside on any path as long as the right side of the string matches the
value you enter.
To authorize an application for smart tunnel access if it is present on one of several paths on the
remote host, either specify only the name and extension of the application in this field, or create a
unique smart tunnel entry for each path.
Note: A sudden problem with smart tunnel access may be an indication that a Process Name value
is not up-to-date with an application upgrade. For example, the default path to an application
sometimes changes following the acquisition of the company that produces the application
and the next application upgrade.
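The Process Name rules above can be checked before a list is deployed. The following is an added example, not Cisco code and not part of the original guide: it models the right-side match and flags entries that carry no location restriction. The entry names, sample paths, and the assumption that a match must begin at a path-separator boundary are all constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

MAX_APP_ID = 64         # Application ID limit stated in the guide
MAX_PROCESS_NAME = 128  # Process Name limit stated in the guide


@dataclass
class SmartTunnelEntry:
    app_id: str
    process_name: str  # filename only, or a path ending in the filename


def qualifies(entry: SmartTunnelEntry, remote_path: str) -> bool:
    """True if the right side of remote_path equals the Process Name.

    Assumption: the match must begin at a path-separator boundary.
    """
    value = entry.process_name
    if remote_path == value:
        return True
    return remote_path.endswith("\\" + value.lstrip("\\"))


def lint(list_name: str, entries: list[SmartTunnelEntry]) -> list[str]:
    """Return findings for a smart tunnel list, per the rules in the guide."""
    findings = []
    if " " in list_name:
        findings.append(f"list {list_name!r}: name contains spaces")
    for e in entries:
        if len(e.app_id) > MAX_APP_ID:
            findings.append(f"{e.app_id[:20]}...: Application ID over {MAX_APP_ID} chars")
        if len(e.process_name) > MAX_PROCESS_NAME:
            findings.append(f"{e.app_id}: Process Name over {MAX_PROCESS_NAME} chars")
        if "\\" not in e.process_name:
            # Filename only: any install location on the remote host qualifies.
            findings.append(f"{e.app_id}: filename only, no location restriction")
    return findings


# Constructed sample entries (hypothetical application, not from the guide).
ENTRIES = [
    SmartTunnelEntry("win-mailclient-any", "mailclient.exe"),
    SmartTunnelEntry("win-mailclient-v2", r"\Program Files\MailClient\mailclient.exe"),
]
```

The second entry stops qualifying when an upgrade moves the application to a different default path, which is the failure the Note above describes.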
Firewall Mode: Routed, Transparent
Security Context: Single, Multiple (Context, System)
——