Smart tunnel is a connection between winsock 2(TCP) and destination site where ASA works as a proxy. You can,e.g. allow application on local host access resources on corporate network without installing VPN Client.
Asa appliance based on Windows process create smart-tunnel for this application only and block the rest of traffic.
CONFIGURATION
EXAMPLE 1
Allow putty application to reach any host on corporate network.
- Go to Clientless SSL VPN Access – Portal – Smart Tunnels and configure smart tunnel list
Click “Add”, type List name and again click”Add” to add entry for putty application.
In Windows Manager you can check process responsible for this application
- Modify group-policy to enable smart-tunnels.
If you choose “Auto Start” check box smart tunnel process will be started when user logs into the SSL VPN.
- Apply changes to system
- Log in into SSL VPN portal
“Push “Yes” and test access to corporate resources via putty
EXAMPLE 2
Allow firefox browser for access to corporate resources
Add firefox.exe process to smart-tunnel list.
dzbanek 2013-04-01