1-83
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Clientless SSL VPN End User Setup
If you configure proxy bypass using ports rather than path masks, depending on your network
configuration, you might need to change your firewall configuration to allow these ports access to the
ASA. Use path masks to avoid this restriction. Be aware, however, that path masks can change, so you
might need to use multiple pathmask statements to exhaust the possibilities.
A path is everything in a URL after the .com or .org or other types of domain name. For example, in the
URL www.example.com/hrbenefits, hrbenefits is the path. Similarly, for the URL
www.example.com/hrinsurance, hrinsurance is the path. If you want to use proxy bypass for all hr sites,
you can avoid using the command multiple times by using the * wildcard as follows: /hr*.
Detailed Steps
Clientless SSL VPN End User Setup
This section is for the system administrator who sets up clientless SSL VPN for end users. It describes
how to customize the end-user interface.
This section summarizes configuration requirements and tasks for a remote system. It specifies
information to communicate to users to get them started using clientless SSL VPN. It includes the
following topics:
• Defining the End User Interface
• Customizing Clientless SSL VPN Pages, page 1-86
• Customizing Help, page 1-103
• Requiring Usernames and Passwords
• Communicating Security Tips
• Configuring Remote Systems to Use Clientless SSL VPN Features
• Translating the Language of User Messages
Defining the End User Interface
The clientless SSL VPN end user interface consists of a series of HTML panels. A user logs on to
clientless SSL VPN by entering the IP address of an ASA interface in the format https://address. The
first panel that displays is the login screen (Figure 1-9).
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
proxy-bypass
Configures proxy bypass.
To Next Page
Loading...
Need help?
General
