Cisco Cisco Web Security Appliance S160 Guía Del Usuario
10-18
Cisco AsyncOS for Web User Guide
Chapter 10 Create Policies to Control Internet Requests
Remote Users
Configuring Identification for Remote Users
Configuring Identification of Remote Users
Step 1
Security Services > AnyConnect Secure Mobility, and click Enable.
Step 2
Read the terms of the AnyConnect Secure Mobility License Agreement, and click Accept.
Step 3
Configure how to identify remote users.
Task
Further information
1.
Configure identification of remote users.
2.
Create an identity for remote users.
a.
In the “Define Members by User Location”
section, select Remote Users Only.
section, select Remote Users Only.
b.
In the “Define Members by Authentication”
section, select “Identify Users Transparently
through Cisco ASA Integration.”
section, select “Identify Users Transparently
through Cisco ASA Integration.”
3.
Create a policy for remote users.
Option
Description
Additional Steps
IP Address
Specify a range of IP addresses
that the appliance should consider
as assigned to remote devices.
that the appliance should consider
as assigned to remote devices.
1.
Enter a range of IP addresses in the IP Range
field.
field.
2.
Go to step 4
Cisco ASA
Integration
Integration
Specify one or more Cisco ASA
the Web Security appliance
communicates with. The Cisco
ASA maintains an IP
address-to-user mapping and
communicates that information
with the Web Security appliance.
When the Web Proxy receives a
transaction, it obtains the IP
address and determines the user
by checking the IP
address-to-user mapping. When
users are determined by
integrating with a Cisco ASA,
you can enable single sign-on for
remote users.
the Web Security appliance
communicates with. The Cisco
ASA maintains an IP
address-to-user mapping and
communicates that information
with the Web Security appliance.
When the Web Proxy receives a
transaction, it obtains the IP
address and determines the user
by checking the IP
address-to-user mapping. When
users are determined by
integrating with a Cisco ASA,
you can enable single sign-on for
remote users.
1.
Enter the Cisco ASA host name or IP address.
2.
Enter the port number used to access the ASA.
The default port number for the Cisco ASA is
11999.
The default port number for the Cisco ASA is
11999.
3.
If multiple Cisco ASA are configured in a
cluster, click Add Row and configure each
ASA in the cluster.
cluster, click Add Row and configure each
ASA in the cluster.
Note
If two Cisco ASA are configured for high
availability, enter only one host name or IP
address for the active Cisco ASA.
availability, enter only one host name or IP
address for the active Cisco ASA.
4.
Enter the access password for the Cisco ASA.
Note
The password you enter here must match the
access password configured for the
specified Cisco ASA.
access password configured for the
specified Cisco ASA.
5.
Optional, click Start Test to verify the Web
Security appliance can connect to the
configured Cisco ASA.
Security appliance can connect to the
configured Cisco ASA.