Cisco VPN 2.0: Deploying Clientless SSL VPNs

This course is included in our On-demand training solution.


Clientless Secure Sockets Layer (SSL) VPN solutions provide browser-based access to resources behind the Cisco ASA adaptive security appliance. With clientless SSL VPNs, users can access resources without any special client software. Web-based applications, Common Internet File System (CIFS) file shares, and FTP servers can also be accessed by users when using clientless SSL VPNs. And with application plug-ins, port forwarding, and Smart tunnels, users can access almost any application that uses static TCP ports. This course describes deployment of the basic clientless SSL VPN including how to configure, verify, and troubleshoot a basic clientless SSL VPN solutions.
Many enterprise applications are not web-based and use other standard or proprietary protocols to communicate over IP networks. Therefore, clientless Secure Sockets Layer (SSL) VPN gateways must provide some alternative possibilities for users to access these application resources. This course discusses the application plug-ins and smart-tunnel features of the Cisco ASA adaptive security appliance SSL VPN gateway. These features provide clientless access to a wide range of thin- and thick-client applications. In this course how to configure, verify, and troubleshoot these access features are described.

Target Audience

Anyone wishing to obtain the Cisco Certified Network Professional CCNP Security designation. Cisco Network Security Engineers responsible for the selection, configuration, and the troubleshooting of the majority of Cisco ASA adaptive security appliance perimeter security features to reduce risk to IT infrastructure and its applications within their networking environments. Established IT professionals with a good understanding of networking and Cisco technology, installation, troubleshooting and monitoring of devices used to maintain integrity, confidentiality and availability of data and network devices that Cisco uses in its security infrastructure, as well as working knowledge of the Microsoft Windows operating system. Candidates who have completed the Cisco Certified Network Associate (CCNA), the Cisco Certified Network Associate Security (CCNA Security), the Securing Networks with Cisco Routers and Switches (SECURE) v1.0, and the Deploying Cisco ASA Firewall Solutions (FIREWALL 2.0) Certifications.


Expected Duration

120 min.

Course Objectives

The Cisco ASA Clientless SSL VPN Solution

  • describe the characteristics of the Cisco ASA clientless SSL VPN solution
  • put the general deployment tasks for the creation of a clientless SSL VPN solution in order
  • Configuring Basic Cisco ASA Gateway Features

  • describe how to configure and verify basic Cisco ASA security appliance gateway features and gateway authentication for clientless SSL VPNs
  • Configuring Basic User Authentication

  • recognize how to configure basic user authentication in clientless SSL VPN
  • Configuring Clientless SSL VPN Support

  • enable an outside interface for clientless SSL VPN access using an identity certificate
  • Configuring Basic Access Control

  • describe the considerations involved in setting basic access control in a clientless SSL VPN
  • recognize basic access control configuration tasks
  • Troubleshooting Clientless SSL VPN

  • describe how to troubleshoot clientless SSL VPN session establishment
  • Deploying Clientless SSL VPN Application-Access

  • describe the consideration involved in the deployment of clientless SSL VPN application-access features
  • match the tasks involved in the configuration of application plug-ins on the Cisco ASA security appliance SSL VPN gateway to their description
  • Deploying Smart Tunnels

  • describe how to configure and verify Smart tunnels in clientless SSL VPNs
  • describe the benefits of Smart tunnels
  • Troubleshooting Advanced Application Access

  • troubleshoot advanced application access in clientless SSL VPNs in a given scenario