Disabling content rewrite, Using proxy bypass – Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 74 Configuring Clientless SSL VPN

Optimizing Clientless SSL VPN Performance

Detailed Steps

Disabling Content Rewrite

You might not want some applications and web resources, for example, public websites, to go through
the ASA. The ASA therefore lets you create rewrite rules that let users browse certain sites and
applications without going through the ASA. This is similar to split-tunneling in an IPsec VPN
connection.

Using Proxy Bypass

You can configure the ASA to use proxy bypass when applications and web resources work better with
the special content rewriting this feature provides. Proxy bypass is an alternative method of content
rewriting that makes minimal changes to the original content. It is often useful with custom web
applications.

You can use this command multiple times. The order in which you configure entries is unimportant. The
interface and path mask or interface and port uniquely identify a proxy bypass rule.

        Command             Purpose
Step 1  crypto ca import    Imports a certificate.
Step 2  java-trustpoint     Employs a certificate.

Example:

    hostname(config)# crypto ca import mytrustpoint pkcs12 mypassphrase
    Enter the base 64 encoded PKCS12.
    End with the word “quit” on a line by itself.
    [ PKCS12 data omitted ]
    quit
    INFO: Import PKCS12 operation completed successfully.
    hostname(config)# webvpn
    hostname(config)# java-trustpoint mytrustpoint

Shows the creation of a trustpoint named mytrustpoint and its assignment to signing Java
objects.

        Command    Purpose
Step 1  webvpn     Switches to webvpn configuration mode.
Step 2  rewrite    Specifies applications and resources to access outside a clientless
                   SSL VPN tunnel. You can use this command multiple times.
Step 3  disable    Used in combination with the rewrite command. The order number of
                   rules is important because the security appliance searches rewrite
                   rules by order number, starting with the lowest, and applies the
                   first rule that matches.
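
The first-match search by order number described for the rewrite and disable commands can be checked offline before a rule set is deployed. The following is an added example, not part of the Cisco guide: it assumes the rule form "rewrite order <n> {enable | disable} resource-mask <mask>", shell-style wildcards in masks, and resources written as host/path, none of which this page shows. The sample configuration is constructed.

```python
import re
from fnmatch import fnmatchcase

# Assumed rule syntax (not shown on this page):
#   rewrite order <n> {enable | disable} resource-mask <mask>
RULE_RE = re.compile(
    r"^\s*rewrite\s+order\s+(\d+)\s+(enable|disable)\s+resource-mask\s+(\S+)")

# Constructed sample: rules entered out of order, with one broad "disable" mask.
SAMPLE_CONFIG = """\
webvpn
 rewrite order 20 enable resource-mask intranet.example.com/*
 rewrite order 10 disable resource-mask *.example.com/*
 rewrite order 30 disable resource-mask www.example.org/*
"""

def parse_rules(config):
    """Return (order, action, mask) tuples sorted the way the appliance searches them."""
    rules = [(int(m[1]), m[2], m[3])
             for m in map(RULE_RE.match, config.splitlines()) if m]
    return sorted(rules)

def decide(rules, resource):
    """First match wins: return (order, action) of the lowest-numbered matching rule."""
    for order, action, mask in rules:
        if fnmatchcase(resource, mask):
            return order, action
    return None, "enable"  # assumption: unmatched content is still rewritten

def shadowed(rules):
    """Pairs (rule, earlier_rule) where the earlier mask already covers the later one.

    Heuristic: the later mask is tested as a literal string against the earlier
    mask; a reported pair is a true shadow when the earlier mask uses only '*'.
    """
    found = []
    for i, (order, _, mask) in enumerate(rules):
        for prev_order, _, prev_mask in rules[:i]:
            if fnmatchcase(mask, prev_mask):
                found.append((order, prev_order))
                break
    return found

if __name__ == "__main__":
    rules = parse_rules(SAMPLE_CONFIG)
    for res in ("intranet.example.com/hr", "www.example.org/news", "mail.example.net/inbox"):
        print(res, "->", decide(rules, res))
    print("shadowed:", shadowed(rules))
```

In the sample, rule 20 never fires: the broader disable mask at order 10 matches first, so the intranet host is browsed without going through the ASA even though a later rule was meant to keep it rewritten.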
