Filter
Top Products
35-9
Cisco ASDM User Guide
OL-16647-01
Chapter 35 General
Group Policies
Fields
• Bookmark List—Select a previously-configured Bookmark list or click Manage to create a new one.
Bookmarks appear as links, from which users can navigate from the portal page.
• URL Entry—Enable to allow remote users to enter URLs directly into the portal URL field.
• File Access Control—Controls the visibility of “hidden shares” for Common Internet File System
(CIFS) files. A hidden share is identified by a dollar sign ($) at the end of the share name. For
example, drive C is shared as C$. With hidden shares, a shared folder is not displayed, and users are
restricted from browsing or accessing these hidden resources.
–
File Server Entry—Enable to allow remote users to enter the name of a file server.
–
File Server Browsing—Enable to allow remote users to browse for available file servers.
–
Hidden Share Access—Enable to hide shared folders.
• Port Forwarding Control—Provides users access to TCP-based applications over a Clientless SSL
VPN connection through a Java Applet.
–
Port Forwarding List—Select a previously-configured list TCP applications to associate with
this group policy. Click Manage to create a new list or to edit an existing list.
–
Auto Applet Download—Enables automatic installation and starting of the Applet the first time
the user logs in.
–
Applet Name—Changes the name of the title bar that of the Applet window to the name you
designate. By default, the name is Application Access.
• Smart Tunnel—Connects a Winsock 2, TCP-based application installed on the end station to a server
on the intranet, using a clientless (browser-based) SSL VPN session with the security appliance as
the pathway, and the security appliance as a proxy server.
–
Smart Tunnel List—Select the list name from the drop-down menu if you want to provide smart
tunnel access. Assigning a smart tunnel list to a group policy or username enables smart tunnel
access for all users whose sessions are associated with the group policy or username, but
restricts smart tunnel access to the applications specified in the list. To view, add, modify, or
delete a smart tunnel list, click the adjacent Manage button.
–
Auto Start (Smart Tunnel List)—Check to start smart tunnel access automatically upon user
login. Uncheck to enable smart tunnel access upon user login, but require the user to start it
manually, using the Application Access > Start Smart Tunnels button on the Clientless SSL
VPN Portal Page.
–
Auto Sign-on Server List—Select the list name from the drop-down menu if you want to reissue
the user credentials when the user establishes a smart tunnel connection to a server. Each smart
tunnel auto sign-on list entry identifies a server with which to automate the submission of user
credentials. To view, add, modify, or delete a smart tunnel auto sign-on list, click the adjacent
Manage button.
–
Domain Name (Optional)—Specify the Windows domain to add it to the username during auto
sign-on, if the universal naming convention (domain\username) is required for authentication.
For example, enter CISCO to specify CISCO\jsmith when authenticating for the username
jsmith. You must also check the “Use Windows domain name with user name” option when
configuring associated entries in the auto sign-on server list.
• ActiveX Relay—Lets Clientless users launch Microsoft Office applications from the browser. The
applications use the session to download and upload Microsoft Office documents. The ActiveX relay
remains in force until the Clientless SSL VPN session closes.
More Options: