Stopping application access improperly, Reconfiguring hosts file manually – Cisco ASA 5505 User Manual
Page 1659
74-73
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 74 Configuring Clientless SSL VPN
Application Access User Notes
Stopping Application Access Improperly
When Application Access terminates abnormally, the
hosts
file remains in a clientless SSL
VPN-customized state. Clientless SSL VPN checks the state the next time you start Application Access
by searching for a hosts.webvpn file. If it finds one, a
Backup HOSTS File Found
error message appears,
and Application Access is temporarily disabled.
Once you shut down Application Access improperly, you leave your remote access client/server
applications in limbo. If you try to start these applications without using clientless SSL VPN, they might
malfunction. You might find that hosts that you normally connect to are unavailable. This situation could
commonly occur if you run applications remotely from home, fail to quit the Application Access window
before shutting down the computer, then try to run the applications later from the office.
Reconfiguring a Host’s File Automatically Using Clientless SSL VPN
If you are able to connect to your remote access server, follow these steps to reconfigure the host’s file
and re-enable both Application Access and the applications.
Detailed Steps
Step 1
Start clientless SSL VPN and log in. The home page opens.
Step 2
Click the Applications Access link. A
Backup HOSTS File Found
message appears.
Step 3
Choose one of the following options:
•
Restore from backup—Clientless SSL VPN forces a proper shutdown. It copies the hosts.webvpn
backup file to the
hosts
file, restoring it to its original state, then deletes hosts.webvpn. You then
have to restart Application Access.
•
Do nothing—Application Access does not start. The remote access home page reappears.
•
Delete backup—Clientless SSL VPN deletes the hosts.webvpn file, leaving the hosts file in its
clientless SSL VPN-customized state. The original
hosts
file settings are lost. Application Access
then starts, using the clientless SSL VPN-customized hosts file as the new original. Choose this
option only if you are unconcerned about losing hosts file settings. If you or a program you use
might have edited the hosts file after Application Access has shut down improperly, choose one of
the other options, or edit the hosts file manually. (See “
Reconfiguring hosts File Manually
.”)
Reconfiguring hosts File Manually
If you are not able to connect to your remote access server from your current location, or if you have
customized the hosts file and do not want to lose your edits, follow these steps to reconfigure the hosts
file and reenable both Application Access and the applications.
Detailed Steps
Step 1
Locate and edit your hosts file. The most common location is c:\windows\sysem32\drivers\etc\hosts.
Step 2
Check to see if any lines contain the string:
# added by WebVpnPortForward
If any lines contain this string, your hosts file is clientless SSL VPN-customized. If your hosts file is
clientless SSL VPN-customized, it looks similar to the following example:
server1 # added by WebVpnPortForward