Assigning A Port Forwarding List; Automating Port Forwarding - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 37
Configuring Clientless SSL VPN
Following the configuration of a port forwarding list, assign the list to group policies or usernames, as
described in the next section.
Assigning a Port Forwarding List
For each group policy and username, you can configure clientless SSL VPN to do one of the following:
•
•
These options are mutually exclusive for each group policy and username. Use only one.
Note
Table 37-4
configuration of each group policy and username supports only one of these commands at a time, so
when you enter one, the security appliance replaces the one present in the configuration of the group
policy or username in question with the new one, or in the case of the last command, simply removes the
port-forward command from the group policy or username configuration.
Table 37-4
Command
port-forward auto-start list_name Starts port forwarding automatically upon user login.
port-forward enable list_name
port-forward disable
no port-forward
[auto-start list_name |
enable list_name | disable]
For details, go to the section that addresses the option you want to use.
Automating Port Forwarding
To start port forwarding automatically upon user login, enter the following command in group-policy
webvpn configuration mode or username webvpn configuration mode:
port-forward auto-start list_name
list_name names the port forwarding list already present in the security appliance webvpn configuration.
You cannot assign more than one port forwarding list to a group policy or username. To display the port
forwarding list entries present in the security appliance configuration, enter the show run webvpn
port-forward command in privileged EXEC mode.
To remove the port-forward command from the group policy or username and inherit the [no]
port-forward command from the default group-policy, use the no form of the command.
OL-12172-03
Start port forwarding access automatically upon user login.
Enable port forwarding access upon user login, but require the user to start it manually, using the
Application Access > Start Applications button on the clientless SSL VPN Portal Page.
lists the port-forward commands available to each group policy and username. The
group-policy and username webvpn port-forward Commands
Description
Enables port forwarding upon user login, but requires the user to
start port forwarding manually, using the Application Access >
Start Applications button on the clientless SSL VPN portal
page.
Prevents port forwarding.
Removes a port-forward command from the group policy or
username configuration, which then inherits the
[no] port-forward command from the default group-policy. The
keywords following the no port-forward command are optional,
however, they restrict the removal to the named port-forward
command.
Cisco Security Appliance Command Line Configuration Guide
Configuring Application Access
37-33
Advertisement
Table of Contents
Troubleshooting
