Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?
A. vpn-filter none
B. no vpn-filter
C. filter value none
D. filter value ACLname

cisco-exams

9 thoughts on “Which command will prevent a group policy from inheriting a filter ACL in a clientless SSL VPN?

  1. Correct Answer is: A: vpn-filter none Look example from my lab:
    asa253(config)# group-policy sales-group attributes
    asa253(config-group-policy)# vpn-filter ?

    group-policy mode commands/options:
    none Specify that no filter will be applied to users
    value Specify the name of a filter that will be applied to users

    And look keyword “vpn-filter none” in document
    https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/T-Z/cmdref4/v.html

    1. ok but why this on the referenced document

      Usage Guidelines
      Clientless SSL VPN does not use the ACL defined in the vpn-filter command.

  2. The correct one is A
    vpn-filter none
    i test this on my lab and you only has two options, none or ACL value!
    group-policy mode commands/options:
    none Specify that no filter will be applied to users
    value Specify the name of a filter that will be applied to users

    (config-group-policy)# vpn-filter none

  3. From the same document:

    “The no option allows inheritance of a value from another group policy. To prevent inheriting filter values, use the filter value none command. “

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.