Cisco PIX 500 Series Configuration Manual page 639
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 30
Configuring Connection Profiles, Group Policies, and Users
Configuring Connection Profiles
For example, The following command allows both AAA and certificate authentication:
hostname(config-tunnel-webvpn)# authentication aaa certificate
hostname(config-tunnel-webvpn)#
Applying Customization
Customizations determine the appearance of the windows that the user sees upon login. You configure
the customization parameters as part of configuring clientless SSL VPN.
To apply a previously defined web-page customization to change the look-and-feel of the web page that
the user sees at login, enter the customization command in username webvpn configuration mode:
hostname(config-username-webvpn)# customization {none | value customization_name }
hostname(config-username-webvpn)#
For example, to use the customization named blueborder, enter the following command:
hostname(config-username-webvpn)# customization value blueborder
hostname(config-username-webvpn)#
You configure the customization itself by entering the customization command in webvpn mode.
The following example shows a command sequence that first establishes a customization named "123"
that defines a password prompt. The example then defines a clientless SSL VPN tunnel-group named
"test" and uses the customization command to specify the use of the customization named "123":
hostname(config)# webvpn
hostname(config-webvpn)# customization 123
hostname(config-webvpn-custom)# password-prompt Enter password
hostname(config-webvpn)# exit
hostname(config)# tunnel-group test type webvpn
hostname(config)# tunnel-group test webvpn-attributes
hostname(config-tunnel-webvpn)# customization value 123
hostname(config-tunnel-webvpn)#
Step 3
The security appliance queries NetBIOS name servers to map NetBIOS names to IP addresses. Clientless
SSL VPN requires NetBIOS to access or share files on remote systems. Clientless SSL VPN uses
NetBIOS and the CIFS protocol to access or share files on remote systems. When you attempt a
file-sharing connection to a Windows computer by using its computer name, the file server you specify
corresponds to a specific NetBIOS name that identifies a resource on the network.
To make the NBNS function operational, you must configure at least one NetBIOS server (host). You
can configure up to three NBNS servers for redundancy. The security appliance uses the first server on
the list for NetBIOS/CIFS name resolution. If the query fails, it uses the next server.
To specify the name of the NBNS (NetBIOS Name Service) server to use for CIFS name resolution, use
the nbns-server command. You can enter up to three server entries. The first server you configure is the
primary server, and the others are backups, for redundancy. You can also specify whether this is a master
browser (rather than just a WINS server), the timeout interval, and the number of retries. A WINS server
or a master browser is typically on the same network as the security appliance, or reachable from that
network. You must specify the timeout interval before the number of retries:
hostname(config-tunnel-webvpn)# nbns-server { host-name | IP_address } [master]
[timeout seconds ] [retry number ]
hostname(config-tunnel-webvpn)#
For example, to configure the server named nbnsprimary as the primary server and the server
192.168.2.2 as the secondary server, each allowing three retries and having a 5-second timeout, enter the
following command:
hostname(config)# name 192.168.2.1 nbnsprimary
Cisco Security Appliance Command Line Configuration Guide
30-23
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
