Scribd
Upload
37 views5 pages

SIMOS 4008 ASA Clientless SSL VPN Web ACL v001

Uploaded by

minhlilili
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views5 pages

SIMOS 4008 ASA Clientless SSL VPN Web ACL v001

Uploaded by

minhlilili
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

CCNP Security – SIMOS

ASA Clientless SSL VPN Web Access-List


Clientless SSL VPN Web Access-List
» Nothing else but a VPN-filter for clientless SSL
VPN sessions
• Scoped to restrict user access via the clientless SSL VPN
tunnel
• Different feature because some resources are accessed
from the web portal
» Why do I need it if I publish specific resources in
the portal ?
• ASA performs URL rewrite for resources accessed via portal
• An attacker could mangle with that and get access to
unauthorized resources
Copyright © www.ine.com
Clientless SSL VPN Web Access-List
» Web Access-List supports only TCP filters
• HTTP/HTTPS/FTP/CIFS/NFS
• IMAP4/POP3/SMTP/RDP
• Other TCP ports
• Smart-Tunnel filtering

Copyright © www.ine.com
Web Access-List Configuration Steps
» Configure the Web access-list
» Apply it at the group-policy level
• Or at the user level

Copyright © www.ine.com
Q&A

Copyright © www.ine.com All rights reserved.

You might also like