Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

A.
vpn-filter none

B.
no vpn-filter

C.
filter value none

D.
filter value ACLname

Explanation:



Leave a Reply 2

Your email address will not be published. Required fields are marked *


me

me

Answer is A.

asa(config-group-policy)# vpn-filter ?

group-policy mode commands/options:
none Specify that no filter will be applied to users
value Specify the name of a filter that will be applied to users
asa(config-group-policy)# vpn-filter none

Unicast

Unicast

Specifying the Access List for Clientless SSL VPN Sessions

Specify the name of the access list to use for clientless SSL VPN sessions for this group policy or username by using the filter command in webvpn mode. Clientless SSL VPN access lists do not apply until you enter the filter command to specify them.

To remove the access list, including a null value created by issuing the filter none command, enter the no form of this command. The no option allows inheritance of a value from another group policy. To prevent inheriting filter values, enter the filter value none command.

Access lists for clientless SSL VPN sessions do not apply until you enter the filter command to specify them.

You configure ACLs to permit or deny various types of traffic for this group policy. You then enter the filter command to apply those ACLs for clientless SSL VPN traffic.

hostname(config-group-webvpn)# filter {value ACLname | none}

hostname(config-group-webvpn)# no filter

The none keyword indicates that there is no webvpntype access list. It sets a null value, thereby disallowing an access list and prevents inheriting an access list from another group policy.

The ACLname string following the keyword value provides the name of the previously configured access list.

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/vpn_groups.html