Solved: Disabling webvpn removes proxy-bypass settings.

johnlloyd_13 · ‎06-28-2020

hi,

i disabled anyconnect/webvpn on an ASA FW since it's not being used and to help reduce the vulnerability on the FW.

i got a warning prompt below and was wondering if this is normal? my google search is failing me and i want to know what does it mean? any other webvpn setting that was changed?

can i safely do a 'write mem'?

ciscoasa/pri/act# conf t
ciscoasa/pri/act(config)# webvpn
ciscoasa/pri/act(config-webvpn)# no enable OUTSIDE
WARNING: Disabling webvpn removes proxy-bypass settings.
Do not overwrite the configuration file if you want to keep existing proxy-bypass commands.
INFO: WebVPN and DTLS are disabled on 'OUTSIDE'.

Francesco Molino · ‎06-28-2020

Hi

If you're not publishing any web application where you require an authentication to allow access you can do a we memory.
It's part of the webvpn feature to publish these applications instead of forcing a full vpn toi allow users to access it. Today we use more often smart tunnel from anyconnect.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Francesco Molino · ‎06-28-2020

Hi

If you're not publishing any web application where you require an authentication to allow access you can do a we memory.
It's part of the webvpn feature to publish these applications instead of forcing a full vpn toi allow users to access it. Today we use more often smart tunnel from anyconnect.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

johnlloyd_13 · ‎06-29-2020

hi francesco,

thanks! so far no one complained about anyconnect.

do i just issue a 'no webvpn' to remove all its config?