1-80
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Optimizing Clientless SSL VPN Performance
Detailed Steps
Optimizing Clientless SSL VPN Performance
The ASA provides several ways to optimize clientless SSL VPN performance and functionality.
Performance improvements include caching and compressing web objects. Functionality tuning includes
setting limits on content transformation and proxy-bypass. APCF provides an additional method of
tuning content transformation. The following sections explain these features:
• Configuring Caching
• Configuring Content Transformation
Configuring Caching
Caching enhances clientless SSL VPN performance. It stores frequently reused objects in the system
cache, which reduces the need to perform repeated rewriting and compressing of content. It reduces
traffic between clientless SSL VPN and the remote servers, with the result that many applications run
much more efficiently.
By default, caching is enabled. You can customize the way caching works for your environment by using
the caching commands in cache mode.
Command Purpose
Step 1
webvpn
Example:
hostname(config)# webvpn
Enter webvpn configuration mode.
Step 2
portal-access-rule priority [{permit | deny [code
code]} {any | user-agent match string}
Example:
hostname(config-webvpn)# portal-access-rule 1 deny code
403 user-agent match *Thunderbird*
hostname(config-webvpn)# portal-access-rule 1 deny code
403 user-agent match “*my agent*”
Permit or deny the creation of a SSL VPN session
based on an HTTP header code or a string in the
HTTP header.
The second example shows the proper syntax for
specifying a string with a space. Surround the
string with wildcards (*) and then quotes (“ ”).
To Next Page
Loading...
Need help?
General
