I have an ASA 5540 and an ACS 4.0. i am configuring an SSL based VPN for users in an active directory. I want to give the users access to their Windows Home Dir and have created a CIFS link in the URL list in the tunnel group policy for those users.
I want to give the users access to \\SERVER\Share\%username% as it is described in windows terms. how do a go about this in the ASA, as the above does not work at all? the ASA wants to use the / instead of \ in the CIFS shares. It works fine for normal shares and hidden share specified with $, but not using the %username% variable.
The documentation on SSL VPNS on both ASA and ACS 4.0 is terrible.
This question might be a bit outdated, yet I stumbled across it since even in times of OS 8.4(3), I've had exactly the same problem. Menawhile I've found the solution to it:
You can work with the usual WebVPN variables which ASA offers for single sign-on (SSO) purposes. The following example works for my customer for a profile in which he applies two-factor authentication and allows his users to access their Windows home share using SSO (using the secondary WebVPN login information, which is their AD login name, accessed via LDAP):
Bookmark URL: cifs:///CSCO_WEBVPN_SECONDARY_USERNAME%24 (where %24 is a code substitution for the '$' sign)
There are two important things to consider, though:
The share name *must* match the user's login name
The folder effectively has to be configured to be a share (not just an ordinary folder). My tests have shown that it doesn't work even if that desired, ordinary destination folder is a subfolder of an accessible share.
This article is intended to be a simple example of configuring AnyConnect relevant syslog messages to be sent from the ASA to a Syslog server. The syslog server in this example is Spunk but almost any syslog server should be do the job. The ...
NGFW Spring 2020 Releases
It’s official! FTD 6.6, ASA 9.14.1, and FXOS 2.8 have been released. We want to thank the hundreds of team members for the tens of thousands of man-hours dedicated to driving this critical release over the finish line. 120...
Hi,I was trying to 2fa cisco duo , all the required settings done as per below . The problem is duo cloud does nti not getting any request from the asa . So I am not getting any code from the duo https://www.youtube.com/watch?v=6nEvmc8wji...
This event continues the conversation of our recent Community Ask Me Anything event "Secure Remote Workers".
To participate in this event, please use the button to ask your questions
Here’s your ch...
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
Early Access introduces a...