https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789524#M429262 <HTML><HEAD></HEAD><BODY><P>That's all fine -- that redirects users to a HOME page. What I want to do is deliver a highly customized ACCESS DENIED message when someone clicks a link they don't have access to. My preference is to redirect them to a web page on our public WWW server when they are DENIED access to a resource. </P></BODY></HTML> Fri, 15 Jun 2007 18:52:03 GMT Damon Cassell 2007-06-15T18:52:03Z https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789522#M429260 <P>I have a question about performing URL redirection with WebVPN. Basically, is there a way to do this? </P><P></P><P>We use ASA for IPSec VPN, and Microsoft ISA to allow access to webmail and some other internal HTTP resources without a client. </P><P></P><P>I am trying to cook up a configuration on the ASA to do what ISA does for us, so we can get down to one remote access platform.</P><P></P><P>So far, I can do 95% of what ISA 2004 does with ASA WebVPN. One thing I am stuck on, though, is this scenario:</P><P></P><P>We allow access to "<A class="jive-link-custom" href="http://intranet.mycompany.com/timecards" target="_blank">http://intranet.mycompany.com/timecards</A>". But, if a user requests (or clicks a link to) "<A class="jive-link-custom" href="http://intranet.mycompany.com/otherpath" target="_blank">http://intranet.mycompany.com/otherpath</A>" we want her to be shown a help page hosted on our external www server. The generic "Access to this resource has been denied" message is not sufficient.</P><P></P><P>How do I do this? It seems simple enough, and ISA 2004 handles it quite nicely, but I cannot figure out how to do this on ASA.</P><P></P><P>I'm running an ASA 5540 with ASA 7.2(2)22 and ASDM 5.2(2)58. </P> Fri, 21 Feb 2020 09:33:58 GMT https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789522#M429260 Damon Cassell 2020-02-21T09:33:58Z https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789523#M429261 <HTML><HEAD></HEAD><BODY><P>Set the default group policy to redirect the WebVPN home page. By default, alternative group policies and users inherit the Custom Homepage setting of the default group policy. </P><P>Double-click the DfltGrpPolicy entry in the Group Policy table, open the WebVPN &gt; Homepage tab, click Specify URL, select http from the drop-down menu, enter the URL of the Citrix server in the field to the right, and click OK. </P><P>?Set the alternative group policies to redirect the WebVPN home page. </P><P>By default, users inherit the Custom Homepage setting from their respective assigned group policies. </P><P>For each internal or external group policy for which you want to redirect the WebVPN home page, double-click the policy in the Group Policy table, open the WebVPN &gt; Homepage tab, clear Inherit in the Custom Homepage area, click Specify URL, select http from the drop-down menu, enter the URL of the Citrix server in the field to the right, and click OK</P><P></P></BODY></HTML> Fri, 15 Jun 2007 18:04:32 GMT https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789523#M429261 fmeetz 2007-06-15T18:04:32Z https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789524#M429262 <HTML><HEAD></HEAD><BODY><P>That's all fine -- that redirects users to a HOME page. What I want to do is deliver a highly customized ACCESS DENIED message when someone clicks a link they don't have access to. My preference is to redirect them to a web page on our public WWW server when they are DENIED access to a resource. </P></BODY></HTML> Fri, 15 Jun 2007 18:52:03 GMT https://community.cisco.com/t5/network-security/asa-webvpn-url-redirection/m-p/789524#M429262 Damon Cassell 2007-06-15T18:52:03Z