Assigning WebVPN Access to Users and Groups

Assigning WebVPN Access to Users and Groups
tgasa(config)# group-policy REMOTE1 attributes
tgasa(config-group-policy)# webvpn
tgasa(config-group-webvpn)#
tgasa(config)# username jsmith attributes
tgasa(config-username)# webvpn
tgasa(config-username-webvpn)#
Like the WebVPN mode that is used in the global-configuration mode, WebVPN mode in
username-configuration or policy-configuration mode supports commands to define access
Table 13-10 nbns-server Command Parameters
Command Description
hostname Specifies the hostname for the NBNS server.
ipaddr Specifies the IP address for the NBNS server.
master Sets the NBNS server as a master browser, instead of a WINS server.
timeout Indicates that a timeout value follows.
timeout Sets the amount of time the ASA 55X0 waits before retrying a query. The
default timeout is 2 seconds; the range is 1 to 30 seconds.
retry Indicates that a retry value follows.
retries Sets the number of times to retry queries to an NBNS server. The default value
is 2; the range is 1 to 10.
Example 13-10 Assigning WebVPN Access to Users and Groups
tgasa(config)# group-policy REMOTE1 attributes
tgasa(config-group-policy)# webvpn
tgasa(config-group-webvpn)#
tgasa(config)# username jsmith attributes
tgasa(config-username)# webvpn
tgasa(config-username-webvpn)#
Configuring the Security Appliance as a WebVPN Gateway 365
to files, MAPI proxy, URLs, and TCP applications over WebVPN. Content and ACL filters
are also supported in this mode. The commands affect only the user or group in which they
are configured, and all globally affecting commands must be done in global-configuration
mode.
The ASA 55X0 Security Appliance uses one command to enable access to MAPI Proxy, files,
file browsing, and URL entry over WebVPN. The functions command can be used in any
WebVPN mode to assign file and URL access. These commands can also be combined in one
functions statement, granting multiple accesses in one line. The full syntax for the functions
command is as follows:
functions {file-access | file-browsing | file-entry | filter | url-entry | mapi | portforwarding
| none}
Table 13-11 describes the options for the functions command.

Command Description
file-access Enables or disables file access.
file-browsing Enables or disables browsing for file servers and shares.
file-entry Applies a web-type ACL.
filter Applies a web-type ACL. When enabled, the Security Appliance applies
the web-type ACL defined with the WebVPN filter command.
url-entry Enables or disables user entry of URLs.
mapi Enables or disables Microsoft Outlook/Exchange port forwarding.
port-forwarding Enables port forwarding.
none Sets a null value for all WebVPN functions.